Anyone doing the penetration tester/

SQL Injection: What are the first 8 characters in the the password hash for the user Admin? need help with this injection attack

So,
what did you try until now?
As I remember, exercise 1.2 has all the info needed.

I have try all the query in the exercises even try the cat command to read the shadow folder looking for hashes or passwords and nothing i had try to do it in the command injection firefox window and and sql injection firefox window but not luck

Yeah just tested, I think its broken as the permissions on the file /etc/shadow are only rw r root. I’ve done this one long time ago so try with 5f4dcc3b.
Usually I would not post answer, but its broken.
Other flags seem like fine to get.

thank you I broke my head yesterday like 4 hrs trying to figure it out but not luck now I know why thank you

Yeah, I found a lot of broken rooms here, check my post from a few weeks ago. I was doing full path and it might be good to drop there and not lose mind :slightly_smiling_face:

hey i was doing ex 1.2 of penetration tester, and could not answer question 24, about flag found. I don’t know what flag, and where to find it

Try reading or cat out /etc/passwd