LB Text Battle Formatting - Lets Beef

#1 07-05-2018, 07:01 AM

Quote:

Originally Posted by Shodan

I'm majoring in computer science and @Subreal has his degree. Two potential sources of help I guess although I'm not really in a position to do any nontrivial coding yet.

Pick up some SQL. I did it very briefly and noticed a few errors on LB which were very simple database issues. I expect that 99.9% of LB is SQL based.

---------- Post added at 06:01 AM ---------- Previous post was at 05:59 AM ----------

Quote:

Originally Posted by RULE

We all saw it for was it was. You missed the deadline and extension, then deleted the battle REAL quick.

But god bless my g.

On topic - current format a major plus the more i think on it. Especially with the new variations (font etc)

But, Lock didn't miss the deadline as he'd been granted an extension...and your mentor, crew owner and BFF officially announced you'd been DQed?

07-05-2018, 07:01 AM

Quote:

Originally Posted by Shodan

I'm majoring in computer science and @Subreal has his degree. Two potential sources of help I guess although I'm not really in a position to do any nontrivial coding yet.

Pick up some SQL. I did it very briefly and noticed a few errors on LB which were very simple database issues. I expect that 99.9% of LB is SQL based.

---------- Post added at 06:01 AM ---------- Previous post was at 05:59 AM ----------

Quote:

Originally Posted by RULE

We all saw it for was it was. You missed the deadline and extension, then deleted the battle REAL quick.

But god bless my g.

On topic - current format a major plus the more i think on it. Especially with the new variations (font etc)

But, Lock didn't miss the deadline as he'd been granted an extension...and your mentor, crew owner and BFF officially announced you'd been DQed?

**Shodan** · #2 07-05-2018, 02:04 PM

Quote:

Originally Posted by UnEtH1CaL

Pick up some SQL. I did it very briefly and noticed a few errors on LB which were very simple database issues. I expect that 99.9% of LB is SQL based.

USERNAME: X
PASSWORD: SELECT * FROM Users WHERE 1=1;

**Shodan** · 07-05-2018, 02:04 PM

Quote:

Originally Posted by UnEtH1CaL

Pick up some SQL. I did it very briefly and noticed a few errors on LB which were very simple database issues. I expect that 99.9% of LB is SQL based.

USERNAME: X
PASSWORD: SELECT * FROM Users WHERE 1=1;

**EtH** · #3 10-08-2019, 06:08 AM

Quote:

Originally Posted by Shodan

USERNAME: X
PASSWORD: SELECT * FROM Users WHERE 1=1;

You think I'd never tried to SQL Inject LB on day 1?

Also this wouldn't work because you don't concatonate the username and password. You use quotation marks to break out of the username string and leave the password blank.

I think it'd go:-

Username: EtH" OR User_Id = 1

This would say something like SELECT * FROM Users WHERE Username = "EtH" OR User_Id = 1"

Off the top can't remember how you handle the password though.

**EtH** · 10-08-2019, 06:08 AM

Quote:

Originally Posted by Shodan

USERNAME: X
PASSWORD: SELECT * FROM Users WHERE 1=1;

You think I'd never tried to SQL Inject LB on day 1?

Also this wouldn't work because you don't concatonate the username and password. You use quotation marks to break out of the username string and leave the password blank.

I think it'd go:-

Username: EtH" OR User_Id = 1

This would say something like SELECT * FROM Users WHERE Username = "EtH" OR User_Id = 1"

Off the top can't remember how you handle the password though.

**Subreal** · #4 10-08-2019, 11:36 PM

Quote:

Originally Posted by Dave

You think I'd never tried to SQL Inject LB on day 1?

Also this wouldn't work because you don't concatonate the username and password. You use quotation marks to break out of the username string and leave the password blank.

I think it'd go:-

Username: EtH" OR User_Id = 1

This would say something like SELECT * FROM Users WHERE Username = "EtH" OR User_Id = 1"

Off the top can't remember how you handle the password though.

SQL injections are ridiculously easy to prevent, was only a significant problem yearsss ago

**Subreal** · 10-08-2019, 11:36 PM

Quote:

Originally Posted by Dave

You think I'd never tried to SQL Inject LB on day 1?

Also this wouldn't work because you don't concatonate the username and password. You use quotation marks to break out of the username string and leave the password blank.

I think it'd go:-

Username: EtH" OR User_Id = 1

This would say something like SELECT * FROM Users WHERE Username = "EtH" OR User_Id = 1"

Off the top can't remember how you handle the password though.

SQL injections are ridiculously easy to prevent, was only a significant problem yearsss ago


	Start a battle Audio or Text or Video Vote on a battle to earn +1 credit!


	Battle Feed No battles yet.