Hard Live

Inj3ction Time

100 points

2554 Solves

Web

Hard

intelagent moderator badge ctflearn++ badge

Community Rating: 4.62 / 5

I stumbled upon this website: http://web.ctflearn.com/web8/ and I think they have the flag in their somewhere. UNION might be a helpful command

First 10 Solvers

Rank Username
1 niclev20
2 aikakatt
3 dadi
4 joshualaurencio
5 javier
Rank Username
6 abdilahrf
7 pir00t
8 hanto
9 koshi
10 batutahibnu17

  • Theriphunters

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • gabrielcampos

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • Gj1197

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • TackleJack

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • moroq

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • Fl4Gg3R

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • CapitalZer0

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

    • sweet6teen

      Why use sqlmap? This website is for learning shit, using a tool and not even understanding what it does is not making you learn anything at all lol

  • Ishiven

    Pretty nice one, but shows why you should sanitize your text fields...

  • Negatyw01

    WOW! I've learned a lot! For those of you who struggle have a look on this website. A lot of useful infromation!

    http://www.securityidiots.com/Web-Pentest/SQL-Injection

    • Skofos

      nice keep learning and stay foolish lelz

    • Skofos

      nice keep learning and stay foolish lelz

  • kvlike

    I've had some problems with it but I finally sloved this! Thanks!

  • curiousnikko

    It was really great, I was able to learn how to use Sqlmap tool. I don't know if it might be a cheating or what but sqlmap tool just lead me to the payload code but I revise it until I get the flag...

    • SquidBoy

      the only cheating would be to look for someone else having done the answer. I assume beyond that, there are no rules or limits on tools....

  • warsonline

    Loved the challenge, however I couldn't solve it simply with SQLmap like other commenter mentioned because it kept receiving 403 responses with each iteration. Perhaps there's now a defence mechanism against this tool or was it just poor configuration from my side?

  • eyepatch

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • yupwn

    it should be medium or easy

  • Austin404

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • 0m3g4

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • alifurkany

    Nice challange with many layers. SQLmap wont cut it.