we are given a simple login page typical username and password setup
We assumed sql so..
and....
so it is SQLinjection...we are pretty n00b over here so we used our toolkit to our advantage
SQLmap
It says there is a keys table so lets make a query to the table and grab that info
SQL(name' UNION ALL SELECT * FROM keys -- )
YAY...
No comments:
Post a Comment