Great explanation. Best to increment by one for each letter/number when "guessing" database/table/username/password instead of randomly hopping between letters and numbers. Then again...a script could automate this entire process, so it's interesting this SQL injection task never mentions it. It leaves learners with the impression they'll have to memorize these manual tests.
Very VERY helpful. I don't totally know all the SQL formatting and arguments and stuff yet, so it helps to have it explained. It was even better once you started explaining beyond the task because it helped reinforce the points the tasks made.
Guys I suggest you to bang your head first and see this video after you complete it on your own to confirm your knowledge. This way you are going to understand everything much better.
What is the purpose of union, from what I understood it is used to select data from multiple tables, I am banging my head against the wall understanding this part union select 1, union select 1,2,3
Like jesus christ age 33rd comment to thank you a lot. I was trying in the third part. Monitoring everything I tried to mix something, but the hint were not so nice.
Hey brother! Can you please cover the CSS room! Been stuck on the last challenge for a couple days and cannot figure out what exactly im doing wrong. Apparently there is an automated component which appears to be complicating things a bit.
At 18:53 did you copy the single apostrophe before the OR? It’s not working for me and I need to spend more time to understand it worked but I don’t understand what I was doing wrong. On a better note I figured out the password started with a three as soon as you said numbers I tried 1 2 then 3 and got a true response on the level three question
At 23:25, Can you please explain how the SQL query -> "SELECT * FROM users where username = 'user' UNION SELECT 1, 2, 3;" changed the value from {"taken" : false} to {"taken" : true} even though the username : 'user' is not present in the database ??
@@missx0 The where condition username = 'user' will never be true because there is no such username in the database. Assume that the users table has 5 columns, when we use ' UNION SELECT 1,2,3,4,5 ' a dummy row with 5 columns will be returned. Since a row with 5 columns ( Similar to that of users table) is returned the application logic assumes that the where condition became true and users table row is fetched.
@@vimalan_sb I think it's just like in 7:36, where the id must be changed from 1 (a valid one) to a 0 (invalid one). TryHackMe's explanation is: The article is being displayed because it takes the first returned result somewhere in the web site's code and shows that. To get around that, we need the first query to produce no results. This can simply be done by changing the article id from 1 to 0. So I'm guessing that if the first part of the UNION statement will somehow be disregarded if it is invalid or produces no results.
You need to keep trying by incrementing the characters until you are able to guess the complete password. In an automated fashion, sqlmap would do this for you.
![[TH] 2024 PMSL SEA Finals D3 | Fall | รู้ผลทีมแชมป์ พร้อมตั๋วสู่ PMGC](http://i.ytimg.com/vi/7NxsN0Ch6vk/mqdefault.jpg)
![Warhammer 40k: Space Marine 2 | เพื่อจักรพรรดิ ! [ตอนเดียวจบ]](http://i.ytimg.com/vi/4M0ckYMA4-U/mqdefault.jpg)
The best expaination for SQL Injection that I've ever heard, I never understood until I watched this video, thank you.
Great explanation. Best to increment by one for each letter/number when "guessing" database/table/username/password instead of randomly hopping between letters and numbers. Then again...a script could automate this entire process, so it's interesting this SQL injection task never mentions it. It leaves learners with the impression they'll have to memorize these manual tests.
This was one of the best explanations of SQL injection I've seen Thank you
Thank you Kind Sir. Now all I have to do is watch👏 cram👏 and repeat.👏
Very VERY helpful. I don't totally know all the SQL formatting and arguments and stuff yet, so it helps to have it explained. It was even better once you started explaining beyond the task because it helped reinforce the points the tasks made.
once again mr. Motasem to help me not lose more time banging my head against the wall, thanks!
very nice video, I was very confused on the wording at level 4 so seeing how you were doing it made it click in my head
Totally agree with previous comments. Thank you for this excellent explanation, couldn't have done it without it.
I struggle in task 8.....thanks for the help!!
The best explanation I have seen for SQL Injection, specially about the task #8 😊
Merci pour tes explications
I find your channel very informative thanks bro.
Friend I really like your classes, please make more videos of hard level machines
Thanks a lot for the detailed explanation. This is so beautiful
great explanation love your content
Thanks broo
Great video, will be watching more.
thanks, man
Guys I suggest you to bang your head first and see this video after you complete it on your own to confirm your knowledge. This way you are going to understand everything much better.
What is the purpose of union, from what I understood it is used to select data from multiple tables, I am banging my head against the wall understanding this part union select 1, union select 1,2,3
Thank you!
This isn't much of an explanation, like why you changed the id to a zero
Well explained thank you🥳
Like jesus christ age 33rd comment to thank you a lot. I was trying in the third part. Monitoring everything I tried to mix something, but the hint were not so nice.
Need Hip Flask walk-through!
Hey brother! Can you please cover the CSS room! Been stuck on the last challenge for a couple days and cannot figure out what exactly im doing wrong. Apparently there is an automated component which appears to be complicating things a bit.
At 18:53 did you copy the single apostrophe before the OR? It’s not working for me and I need to spend more time to understand it worked but I don’t understand what I was doing wrong. On a better note I figured out the password started with a three as soon as you said numbers I tried 1 2 then 3 and got a true response on the level three question
Yes I did. If it didn't work with single one, try it with double.
@@MotasemHamdan I tried with double I was copying with the single apostrophe every time but it only worked once. I’m having fun though.
Thank you so much bro
At 23:25, Can you please explain how the SQL query -> "SELECT * FROM users where username = 'user' UNION SELECT 1, 2, 3;" changed the value from {"taken" : false} to {"taken" : true} even though the username : 'user' is not present in the database ??
I have the same doubt.
@@missx0 The where condition username = 'user' will never be true because there is no such username in the database. Assume that the users table has 5 columns, when we use ' UNION SELECT 1,2,3,4,5 ' a dummy row with 5 columns will be returned. Since a row with 5 columns ( Similar to that of users table) is returned the application logic assumes that the where condition became true and users table row is fetched.
@@vimalan_sb I think it's just like in 7:36, where the id must be changed from 1 (a valid one) to a 0 (invalid one). TryHackMe's explanation is: The article is being displayed because it takes the first returned result somewhere in the web site's code and shows that. To get around that, we need the first query to produce no results. This can simply be done by changing the article id from 1 to 0.
So I'm guessing that if the first part of the UNION statement will somehow be disregarded if it is invalid or produces no results.
the last room kinda confused me
thanks
Can you increase your audio volume ?
I was stuck in lvl 4 after finding 'analytics' as the table name...
Im kind of confused how you got 3845 on the boolean based injection....
so at 35:56, you just keep enumerating all the numbers and letters as long as it returns true? Is that how you get the number 38?
I think I get the answer from you at 42:45. Thank you for making this video!
i want to ask , what if we dont know the length of the password or username?, thank you.
You need to keep trying by incrementing the characters until you are able to guess the complete password. In an automated fashion, sqlmap would do this for you.
your audio is alwas low !
top top de + br
2nd view and like