Planet DesKel

DesKel's official page for CTF write-up, Electronic tutorial, review and etc.

Arduino
Backdoor Challenge Land CTFLearn CyberEDU Webhacking.kr TryHackMe, THM Short CTF
Hacking Tools
Donate
15 August 2020

CTFLearn write-up: Web (Easy)

Another day, another CTFlearn write-up. Today, we will walk through simple web hacking. Web hacking is quite common in the CTF challenge and most of the challenge starts with web hacking until you get a reverse shell by doing an exploit. Let’s get started.

1) Basic Injection

Link: https://ctflearn.com/challenge/88

Just like the title said, the task involves SQL injection (SQLi.). You can complete the challenge by using a simple payload such as

' or '1'='1

basic injection flag

The payload going to pull all the data from the database. This is because the input filed is not sanitized which makes the searching field vulnerable to the SQL injection. a hacker can pull all the information from a database that included sensitive data.

Conclusion

That’s all for the simple web challenge. Bye ;)

tags: ctflearn - CTF - web

Thanks for reading. Follow my twitter for latest update

If you like this post, consider a small donation. Much appreciated. :)

Vortex

© 2020 DesKel