SQLi Challenges

Did anyone solve the SQLi challenges?
I am stuck on the second challenge. I understood the injection point and how to cause an error, but I didn’t manage to exploit it yet…

Managed all the challenges now. Contact me if you need help.

3 Likes

I did them all too. Though I have some trouble on the Authentication and Authorization labs. When you get there come on the INE unofficial discord so we can help eachother/you can help me on those xd

1 Like

Cool, sure, will do! That’ll be my next chapter.
On challenge 2 of SQLi , the only things I couldn’t do were:

  1. use sqlmap to grab ruud password. I managed to do it manually, but I couldn’t make sqlmap to inject the base64 encoded payload into the cookie …
  2. On the Arrogant Bank challenge I couldn’t change the money own by Giovanni to make him rich…somehow it seems I don’t have the privileges to write on the table accounts…

Hey, what is your handle on the INE/elS discord channel?
I have done all the authentication and authorization challenges and Labs, let me know if you still need help…
Ps, my handle on discord is L30C
ATB
Leo

I’ve contacted you on DC :+1:
SQLi challenge 2 is the longest lab exercise I’ve done so far. We even talked in the #wapt channel in the discord server, everyone seemed to take a whole day if not more to do it hehe. If you need help with that we can talk about it via discord chat :+1:

Hey all, Im stuck already on the SQLi challenge #1. Im having difficulty finding a vulnerable parameter. Am i overthinking something here or is it right in my face and just don’t see it?

Update: I found it by guessing and using SQLMap. I know this wasnt the correct way, but I was having some difficulty finding it manually. Any tips?

If you are able to find the potential parameter/option, then try the SQLi attack usually by trial and error method or by using tools such as SQLmap, Burpsuite Pro.
IMO If you did it by guessing, probably you did it right .

If you managed to exploit it with sqlmap, try using the payloads used by sqlmap to replicate it manually so that you better understand how the SQL injection worked.
Usually, the best way to proceed is to try to exploit it manually, understand the type of SQLi and then use SQLmap to do the dirty work, but in some cases, if you can’t understand how to do it manually, you can use SQLmap to see if you can exploit it and if you can, just have a look at how it did it. It is super beneficial for your future SQLi exploitations (you can use the -v flag for verbose and --fresh-queries to see the whole process.

I found the parameter, but my output is a binary.
Hint?

Probably you already solved everything lol…
anyway, what Lab are you talking about?

Hi there, can you please share the link to the INE/ELS discord channel?

Sure, here we go…

thank you very much, i had already joined - Googled and found the link. can I message you privately on discord? Just need some guidance on this challenge. I found the vulnerable parameter but I’m unable to dump using sqlmap. I see your handle is L30C. my handle is renegadedme

Sure thing, DM me. I have finished the course so any help you need on the challenges, no probs at all. The only issue is that I won’t be able to access the pc where I have my notes until Friday…so if I remember how I did it on top of my head I’ll tell you otherwise you’ll have to wait until the end of the week :grimacing: