Medium Live

Prehashbrown

50 points

314 Solves

Web

Medium

intelagent moderator badge ctflearn++ badge

Community Rating: 3.42 / 5

I created a database of all known types of hashbrowns! Try to see if you can find a way to authenticate as an admin and retrieve the flag. Hashbrown Database

First 10 Solvers

Rank Username
1 EdbR
2 Yeiazel
3 0mr1
4 heinandre ctflearn++ badge
5 Ntoskrnl
Rank Username
6 hem1t
7 Cyb3rM0nk
8 bobo1239
9 Exolon
10 chaoscode ctflearn++ badge

  • intelagent moderator badge ctflearn++ badge

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • NullString

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • lulul

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • lulul

    ^^^ Hahaha i put flag on comment :D only solve can see this kwkwkw

    • A23187

      hi,.can you tell me how to solve it? I try the ' or 1=1 -- and sqlmap tool but there are not working. 😂

  • A23187

    ? I solved it a few days ago, but now I can’t solve use the same method. Is there any change?

  • liverenesmrx

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • CapitalZer0

    This challenge is broken! The search is not vunerable to sql injection anymore, despite it being supposed to help with the challenge

  • Caillou

    I see comment supposing that Challenge is broke. Can admin confirm if its still working or not?

  • Crimz8n

    The challenge seems to be broken. I found the flag online, where someone used sqlmap to take over the database. Anyway, I tried to repeat their steps with no success at all. I also tried to guess the query structure by searching the following: sql ' OR 1=1 -- sql 1 OR 1=1 sql ' UNION SELECT 1 /* ...up to 24 columns */ -- sql 1 UNION SELECT 1 /* ...up to 24 columns */ Nothing's worked - same, disappointing response every time.

  • c0conut

    The challenge is broken, I guess.

  • msfDoozer

    I solved it one day ago but now that i tried it again it seems to not work anymore, anyone in the same situation ?

  • curiousnikko

    this is a stupid challenge even sqlmap is not working. such ashame admin!

  • edddy

    I'm stock... can someone help

  • Pr070n

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • Theriphunters

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.