-
Notifications
You must be signed in to change notification settings - Fork 0
/
24_websiteHacking.sql
28 lines (21 loc) · 1.13 KB
/
24_websiteHacking.sql
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
/*
You've been dreaming about becoming a famous hacker all your life, and now it's time to make your dreams come true!
You decided to start by finding a website that has some vulnerability, and you just found a doozy.
This particular website has an open database users that contains information about the people using it.
What's more, it stores the queries performed on this table on the client side, which makes it super simple to hack them.
The users table contains the following columns:
id - The unique user's ID;
login - The unique user's login;
name - The user's name;
type - The user's role type (which can be "user", "admin", "moderator", etc.).
The query you have access to gathers some information about the users who have the "user" type. You don't want to get
caught, so you want to carefully update it so that the query will return the records of all existing types.
Your task is to update the existing query. Note: You should add something to the query, but don't rewrite it.
*/
CREATE PROCEDURE websiteHacking()
BEGIN
SELECT id,login,name
FROM users
WHERE type='user' or type is not NULL
ORDER BY id;
END