RingZero – SQLi – Most Basic SQLi pattern Objective: Login for user /pass Solution: So let’s try inserting and OR ‘1’=’1’ You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''1''' at line 1 Ok it looks like I put to many ‘ in the injection I tried let’s leave of the last ‘ ‘or’1’=’1 Got the flag Logged in... GOOD JOB! FLAG-238974289383274893
@circusmonkey404 on the twitters; DM for contact