Great walk-through! Like the clear voice you use and easy to digest speaking.
I very much enjoy this video, keep up content like this. I have seen lots of other people who do how-to rooms for THM, but you don't only focus on flags but also on going through the whole content in this room. As you might have guessed from my writing, I am not speaking English as a mother language, so it is harder for me to read in English than to listen to it. Great video!!!
Here at Brock Hard we teach the WHOLE lesson, not just the answers! It's totally up to YOU how you want to tackle this series! 😉
Keep going man even though it doesn’t seem to pay off now but it will someday
Thank you, your video helped!) I didn’t understand some moments)
I don't understand some moments! 😂
Great Video man. Keep it up.
What I don't get is that you say at 35.39 that there are only two columns. But if we have id username password, isn't that 3 columns?
The task also says that there are two columns. There must be an answer to this but I can't work out what. In the previous task they say that there is id, username and password, and they say the table has 3 columns. Totally confused.
Is using sqlmap for these types of SQL injection better?
password like ='...' - what a terrible method, imagine if admin used 10 alphanumeric. You will be there all year trying to crack it.
What actually is "SELECT 1,2,3"?
In-band SQLi 15:40
default we have
article?id=1 - which in sql looks like - select * from article where id = 1
answer = article 1
1. First off, we start by adding ' so we can produce an error that informs you of the SQLi's existence
article?id=1' ------ which in sql looks like ------ select * from article where id = 1'
answer = error
so now we're trying to exploit it
article?id=1 UNION SELECT 1 ------ which in sql looks like ------ select * from article where id = 1 UNION SELECT 1
which means select (article?id=1) article with id 1 UNION SELECT 1 (it's kind of like an AND operator but only for SELECT)
so now it's select article with id 1 and select 1, and we're getting an error here
"SQLSTATE[21000]: Cardinality violation: 1222 The used SELECT statements have a different number of columns"
which tells us the number of columns is just different, so we're going further and adding a second one
article?id=1 UNION SELECT 1, 2 - again same error
article?id=1 UNION SELECT 1, 2, 3 - we displayed article 1 which means there is no error that could occur here so FIRST ARGUMENT article?id=1 AND SECOND ARGUMENT 1, 2, 3 HAS TO BE TRUE
BLIND SQLi 25:30
again we're establishing the number of columns in the user table
admin123' (this statement is true) so we're fighting with second one till we get "TRUE"
UNION operator is used to combine the result-set of two or more SELECT statements
1,2,3 are columns in table
like
admin123' UNION SELECT 1;-- is prompting false because there must be a different number of columns (I'm not sure it could be 0), but we can assume if the table exists it's more than 1
admin123' UNION SELECT 1, 2;-- again it's prompting false because it's not the right value of columns in the users table
admin123' UNION SELECT 1, 2, 3;-- prompts true because we have 3 columns in the users table
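Added example, not part of the comment above or the video: `SELECT 1, 2, 3` is simply a one-row result made of three constant values, and a UNION is only accepted when both SELECTs return the same number of columns. The sketch below reproduces that with a constructed three-column `article` table in in-memory SQLite (an assumption; the room's database reports the 1222 error quoted above, while SQLite words its error differently) and sets the string-concatenated query beside a parameterized one.

```python
import sqlite3

def make_db():
    # Constructed sample data: a three-column table standing in for the room's article table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE article (id INTEGER, title TEXT, body TEXT)")
    db.execute("INSERT INTO article VALUES (1, 'Article 1', 'Hello')")
    return db

def vulnerable_lookup(db, article_id):
    # Vulnerable pattern: the request value becomes part of the SQL text,
    # so anything after the number is parsed as SQL.
    sql = "SELECT * FROM article WHERE id = " + article_id
    try:
        return db.execute(sql).fetchall()
    except sqlite3.Error as exc:
        return "error: " + str(exc)

def safe_lookup(db, article_id):
    # Hardened pattern: accept only an integer, then bind it as a parameter
    # so the value can never change the shape of the statement.
    try:
        value = int(article_id)
    except ValueError:
        return []
    return db.execute("SELECT * FROM article WHERE id = ?", (value,)).fetchall()

if __name__ == "__main__":
    db = make_db()
    # The same inputs the comment walks through.
    for value in ["1", "1'", "1 UNION SELECT 1", "1 UNION SELECT 1, 2", "1 UNION SELECT 1, 2, 3"]:
        print(repr(value), "->", vulnerable_lookup(db, value), "| safe:", safe_lookup(db, value))
```

Only the three-value UNION returns rows from the concatenated query, and the extra row is the constants themselves; the parameterized lookup returns nothing for every input except a plain `1`.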
No offense but you spoke too fast. Didn't get anything and I have been struggling with this
You're speaking way too fast man, I couldn't get anything :/