Monday, June 17, 2013

3dub 2

2pt challenge @
we are given a simple login page typical username and password setup

We assumed sql so..


so it is SQLinjection...we are pretty n00b over here so we used our toolkit to our advantage

It says there is a keys table so lets make a query to the table and grab that info
SQL(name' UNION ALL SELECT * FROM keys -- )


No comments:

Post a Comment