I'm kinda unclear about what 'poking' means on the SQL Injection 1 chall. Could someone please explain it? I assume it must be important otherwise it wouldn't be there.
Thanks in advance.
I'm kinda unclear about what 'poking' means on the SQL Injection 1 chall. Could someone please explain it? I assume it must be important otherwise it wouldn't be there.
Thanks in advance.
All that really matters is that the poking thing basically just performs a write (e.g. INSERT, UPDATE, DELETE) on a table while you attempt to authenticate.
I'll give you a hint that this is a SQLite database, so maybe you can try googling a bit to see how something like updating is done in SQLite in PHP and how you could exploit that.
All that really matters is that the poking thing basically just performs a write (e.g. INSERT, UPDATE, DELETE) on a table while you attempt to authenticate.
I'll give you a hint that this is a SQLite database, so maybe you can try googling a bit to see how something like updating is done in SQLite in PHP and how you could exploit that.
Ah! I just figured it out. Thanks!
A hint for others, the poke thing gets executed right before the login is done.
Ah! I just figured it out. Thanks!
A hint for others, the poke thing gets executed right before the login is done.