Author Topic: question regarding Sqli  (Read 1912 times)


Offline milmas

question regarding Sqli
« on: March 13, 2013, 05:49:38 pm »
Hey guys,


Recently came across an MSSQL Server 2000 and cracked it by following online tutorials,
manually using the SQL union exploit.


The password column appears to be weird


Here is a sample of the data:
Username Password



R  Θhifac�
U  ������
W  ����ʡp�
2  hhgg``
3  eghe`a
4  ekga``
5  ekic``
6  eklf``
7  fgihdd
B  idjnfch
C  ����ʖb�
G  celi`a




May I know why it is showing this way?


Thank you for your time

Offline rasenove

Re: question regarding Sqli
« Reply #1 on: March 13, 2013, 06:13:32 pm »
Go post an intro first, and I can't understand some fonts in that list.
My secrets have secrets...

Offline milmas

Re: question regarding Sqli
« Reply #2 on: March 13, 2013, 06:18:27 pm »
OK, will do.

I don't understand either.
I am seeing ???? in a diamond.

Hope someone can help me to solve this.
I must be doing something wrong.

Offline relax

Re: question regarding Sqli
« Reply #3 on: March 13, 2013, 07:26:35 pm »
The reason there are weird characters is probably because the database saves in a different charset; I have experienced this with MySQL and Swedish characters like åäö.
Either they are stored wrong in the database or you are extracting them wrong, but I wouldn't worry about this part.

The rest of the print you gave looks like testing-phase entries;
pretty much every database has this, depending on the coder behind it.
When you build your application you have to test it, and you often do this with bogus data.
Some don't truncate before they put the database live and also don't do any cleaning or maintenance on the database, which is not that surprising on a site that is vulnerable to SQL injection.
You will often come across databases that have thousands of "hacking" or vulnerability test entries.
This is because skids use scanners, which will save all attempts in the database.