Hello, I am currently working on a CTF and I ran into some issues getting responses from the SQL database. The hint that was given to me is this PHP code snippet, along with the note that it is vulnerable to UNION SELECT injection. I have tried all the options below along with many others; the only two responses I have received are "auth failed" and "Sorry, something bad happened. Try again".

    $result="SELECT pass FROM users WHERE user='$username'";
    if (!strcasecmp(md5($password),$result)) {
        // success
    } else {
        // fail
    }

    UNION SELECT 1,2,NULL,NULL WHERE 1=2 --

    ORDER BY 1--

    admin' --
    admin' #
    admin'/*

    ' or 1=1--
    ' or 1=1#
    ' or 1=1/*

    SELECT user FROM mysql.user; -- priv - failed

    SELECT table_schema,table_name FROM information_schema.tables WHERE table_schema != 'mysql' AND table_schema != 'information_schema' - failed

    https://ctf.xss.me/orzgame/webapps/funnybiz.php%20and%201=2

    SELECT * FROM accounts WHERE username="UNION SELECT'admin','TotalyTheAdminsPassword','dummy','dummy,'dummy','dummy' - failed

    1' and 1=1 <- True  - failed

    1' union select table_name,2 from information_schema.tables# - failed

    "UNION SELECT username, password FROM users--

    ' and (SELECT 1 FROM (select password from users where username = 'admin')
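
For the defensive side of the hint, an added example (not part of the original post or the CTF's code): the same lookup written with a bound parameter and `password_verify`, so usernames like the ones tried above are compared as plain data. The in-memory SQLite table, the sample account and the function name `check_login` are assumptions made for the illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical hardened login check; schema mirrors the hint (users.user, users.pass).
function check_login(PDO $db, string $username, string $password): bool
{
    static $dummy = null;
    // Hash used only when the user does not exist, so both paths do similar work.
    $dummy ??= password_hash('constructed-dummy-value', PASSWORD_DEFAULT);

    // The placeholder keeps $username out of the SQL text: quotes, comment
    // markers or UNION keywords in it never become part of the statement.
    $stmt = $db->prepare('SELECT pass FROM users WHERE user = :user');
    $stmt->execute([':user' => $username]);
    $hash = $stmt->fetchColumn();   // false when no row matches

    if (!is_string($hash)) {
        password_verify($password, $dummy);
        return false;
    }
    // Salted, slow hash with a constant-time comparison, replacing
    // the hint's md5() + strcasecmp() check.
    return password_verify($password, $hash);
}

// Constructed sample data in an in-memory database, so this runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (user TEXT PRIMARY KEY, pass TEXT NOT NULL)');
$ins = $db->prepare('INSERT INTO users (user, pass) VALUES (?, ?)');
$ins->execute(['admin', password_hash('constructed-sample-password', PASSWORD_DEFAULT)]);

// One valid login, one wrong password, and two usernames taken from the post.
$attempts = [
    ['admin', 'constructed-sample-password'],
    ['admin', 'wrong'],
    ["admin' --", 'x'],
    ["' or 1=1--", 'x'],
];
foreach ($attempts as [$user, $pass]) {
    printf("%-12s => %s\n", $user, check_login($db, $user, $pass) ? 'ok' : 'auth failed');
}
```

Against MySQL through PDO, setting `PDO::ATTR_EMULATE_PREPARES` to `false` makes the server perform the parameter binding instead of the client library.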

0 Answers