Think Very Carefully About What the SQL Commands are Doing

FAP is company that slaughters animals and turns their skin into overpriced products which are then sold to rich bastards! Help animal rights activists increase political awareness by hacking their mailing list.

Re: Think Very Carefully About What the SQL Commands are Doing

Post by allmight on Tue Oct 10, 2017 4:00 pm
([msg=94764]see Re: Think Very Carefully About What the SQL Commands are Doing[/msg])

--oops wrong thread--
allmight
New User
New User
 
Posts: 4
Joined: Tue Oct 10, 2017 3:56 pm
Blog: View Blog (0)


Re: Think Very Carefully About What the SQL Commands are Doing

Post by BLKglass on Fri Jan 05, 2018 6:04 pm
([msg=95122]see Re: Think Very Carefully About What the SQL Commands are Doing[/msg])

So apparently the order of the columns matters for viewing purposes :oops:
BLKglass
New User
New User
 
Posts: 1
Joined: Wed May 28, 2014 12:15 pm
Blog: View Blog (0)


Re: Think Very Carefully About What the SQL Commands are Doing

Post by why tspace on Mon Feb 12, 2018 3:38 am
([msg=95248]see Re: Think Very Carefully About What the SQL Commands are Doing[/msg])

I guessed the name of a column in a table, and just kept adding more columns to select from until I got the list of emails (to match the number of columns from the other table when loading the products).

One thing that troubled me was that UNION produced a bunch of blank fields, but UNION ALL gave me the correct emails. UNION should give me distinct rows, and UNION ALL includes all rows. I have no idea how my result set from using UNION without ALL would have failed giving me back the emails.
why tspace
New User
New User
 
Posts: 13
Joined: Sun Feb 11, 2018 10:31 pm
Blog: View Blog (0)


Re: Think Very Carefully About What the SQL Commands are Doing

Post by ZanmatoOverdrive on Sat Jun 22, 2019 6:55 am
([msg=98461]see Re: Think Very Carefully About What the SQL Commands are Doing[/msg])

So, I was able to get the address by guessing a specific column, is there a way to retrieve all columns?
ZanmatoOverdrive
New User
New User
 
Posts: 2
Joined: Sat Jun 22, 2019 6:46 am
Blog: View Blog (0)


Re: Think Very Carefully About What the SQL Commands are Doing

Post by xyz3lt on Tue Jul 09, 2019 7:11 am
([msg=98595]see Re: Think Very Carefully About What the SQL Commands are Doing[/msg])

I'd like to note that 'UNION ALL' and 'SELECT ALL' are 2 very different things
Also i need this as my second post
xyz3lt
New User
New User
 
Posts: 2
Joined: Tue Jul 09, 2019 6:52 am
Blog: View Blog (0)


Re: Think Very Carefully About What the SQL Commands are Doing

Post by brunogiordannof on Fri Jul 12, 2019 11:22 am
([msg=98622]see Re: Think Very Carefully About What the SQL Commands are Doing[/msg])

Really nice misson! If u are stuck just try more. I tryed for 4 days. Study more about SQLi and UNION ALL operator. I'm sure it will be worthy.
brunogiordannof
New User
New User
 
Posts: 1
Joined: Fri Jul 12, 2019 10:56 am
Blog: View Blog (0)


Re: Think Very Carefully About What the SQL Commands are Doing

Post by i_m_not_a_pipe on Sat Oct 26, 2019 1:04 pm
([msg=99563]see Re: Think Very Carefully About What the SQL Commands are Doing[/msg])

I succeded to gat all the products on the same page with a simple SLQi

Now the UNION Query...
i_m_not_a_pipe
New User
New User
 
Posts: 1
Joined: Fri Oct 25, 2019 1:08 am
Blog: View Blog (0)


Re: Think Very Carefully About What the SQL Commands are Doing

Post by Mackyboy123 on Fri Jan 17, 2020 6:15 am
([msg=100146]see Re: Think Very Carefully About What the SQL Commands are Doing[/msg])

Hi,
I've been tacking this mission for some time now. I think I understand what I need to put in the box, but it sanitizes the input. How can I inject sql into the boxes when the input is sanitised. Also, are the other links part of the mission?
Mackyboy123
New User
New User
 
Posts: 5
Joined: Tue Jan 07, 2020 9:59 am
Blog: View Blog (0)


Re: Think Very Carefully About What the SQL Commands are Doing

Post by perojuric on Sun Apr 26, 2020 1:11 pm
([msg=103707]see Re: Think Very Carefully About What the SQL Commands are Doing[/msg])

For me, the moment when I got to progress with this mission is when I realized that the number of columns inside the p******* table was important for this mission.

-- Sun Apr 26, 2020 1:15 pm --

BasedLizardTitties wrote:One thing that really threw me was the fact that I had to use UNION ALL twice in my injection...


This could be confusing for some people. You do not NEED to use the UNION twice to solve this mission. Once is enough.
perojuric
New User
New User
 
Posts: 4
Joined: Sun Apr 26, 2020 12:47 pm
Blog: View Blog (0)


Re: Think Very Carefully About What the SQL Commands are Doing

Post by wettlettuce on Thu Jul 30, 2020 10:17 pm
([msg=107376]see Re: Think Very Carefully About What the SQL Commands are Doing[/msg])

Very good challenge! For those that are stuck really think about the format of your syntax. You need to understand ORDER BY cmd and also really think about why the format you are using isn't working? Think about your columns!!
Woooo!
wettlettuce
New User
New User
 
Posts: 4
Joined: Tue Jun 30, 2020 4:40 pm
Blog: View Blog (0)


Previous

Return to (Real 4) Fischer's Animal Products

Who is online

Users browsing this forum: No registered users and 0 guests