I have to use SQL injection on the id parameter to find the username for the user 736373 but I can’t find the solution for this, I have tried all the standard SQL injections but I have either an error or no answer for the server.
Do you have a hint for this? I have been stuck for some time …
Thanks!
The payload is a very basic one, what threw me off a bit is that it doesn’t use quotation marks.
Hope that helps!
Thank you very much for your answer!
I was mainly doing in wrong because I was wrapping my parameter into quotes (?id=“”) instead of using ‘+’ for spaces.
Hi Guys, I’m still trying to find out how to get the username of the user in position 736373 via sqli, I tried all the payload in the below list, can you give me some hints?
I’m trying to figure this one out too. Did you get it? Can you give me a hint please?
Think about:
Combine both and you should definitely find what you are looking for.
You can use burp to ease the process.
I posted some other hints previously but I think they were removed, probably too much lol
Does anyone have a tip? I tried editing the py and curl file, but to no avail.
You did it?
Unfortunately, no. I ended up temporarily stopping at this point to start studying for the Security+ exam. I plan on coming back to this at some point just haven’t yet. Hope you get it.
Hey, I finded the flag!
I see the module SQL INJECTION FUNDAMENTALS again and i use the logic to find the id and always return true, see the module Subverting Query Logic
Awesome! Glad you found the flag. Thanks for sharing. 
To make it easier, the original query is roughly select * from TABLE where id = 'input' use SQL logic to find the position of 736373. What would you add to the above query to find the position of 736373?
thnks a lot!!, i find the flag
use sqlmap and don’t forget to put the --dump parameter
Not to be over complicate
The section say with a twist of SQLi, indicating we need to use some tools, example sqlmap.
Done…!!!
sqlmap -u 'http://traget_IP:PORT/?id=1' --dump
The question assumes one have some little knowledge for exploiting sql databases
here is the an answer though i suggest to keep trying as this was fun: “” or position = 736373