Do not use sqlmap.It is actually not complicated.

Just use sqlmap :)

ezpz

clue: search about information_schema

I'm new here, it's pretty hard for me lol

i rate this challenge 3 * , and medium difficulty

ezzpz

ezzpz

ezzpz

ezzpz

https://blog.csdn.net/arbitraty/article/details/80202040 https://blog.csdn.net/qq_32863631/article/details/83024322 these help me a lot

Doesnt really help when you dont speak Chinese lol

If you're struggling, the concepts on this blog are explained very nicely-

Exploiting SQL Injection: a Hands-on Example

You're the best!

hmmm I just started doing all the techniques in the article but it's not working for me nearly in the same way

you're great, bro

Found this very difficult, took me lots of research to solve. Site mentioned in comments was helpful. In the end got much better at understanding sql stuff and am ready to break the interweb.

Very awesome and one of the CTF in this website!!

I swear i knew sql for sqli like 2 months ago and i just forgot most of it ☠️

show tables in information_schema.tables then show column in information_schema.columns

use --random-agent in sqlmap to bypass firewall