See if you can leak the whole database using what you know about SQL Injections. link
Don't know where to begin? Check out CTFlearn's SQL Injection Lab
3 days ago
Closes the query string " ' "
Uses a logical operator "or"
Use the boolean condition 1=1 since this is true it will evaluate to true for all the rows in the query
Use "--" this comment indicates that what follows should not be executed (don't forget to put a space after this)
Final "-" this character ensures that any character after the injection does not break the original query.
2 weeks ago
The machine to learn what to do in this lab won't start, says to contact an admin but there is no support button?
The challenge was awesome. I solved it once
1 month ago
easy ecrit 'OR TRUE--'; in input thanks me later
clue => what do we use in SQL to get/select all properties?
nothing do happend
any can help me
3 weeks ago
try this payload: admin' OR '1'='1
it worked for me
Unable to launch challenge. Contact an admin.
nice comment section down here!
Was hard at first but it's pretty easy
3 years ago
i couldn't solve it because im clueless in web, but i know Luke made that problem
Almost there :)
2 years ago
You're not "almost there" how is one supposed to have a single clue on how to "sanitize" it?
Sounds like you got the flag, you just need to submit it!
11 months ago
he was trolling you
can we share how we solve it or will it count as a spoiler. Or give hint to the user that have problem solving it.
did you get it
How is this easy? I literally have no clue what to do i looked up SQL injection and I have no clue where I'm supposed to put the true statement this makes no sense
Hey Carter. We will soon have better ways for people to learn on this site, hang in there!
SQL Injection Lab
1 year ago
for me i got "unable to lunch lab"