Easy Live

Basic Injection

30 points

14164 Solves

Web

Easy

intelagent moderator badge ctflearn++ badge

Community Rating: 4.61 / 5

See if you can leak the whole database. The flag is in there somwhere… https://web.ctflearn.com/web4/

First 10 Solvers

Rank Username
1 natjef20
2 javier
3 drmad
4 limyunkai19
5 sebwit20
Rank Username
6 yukimo
7 teamaardvark
8 witchcraft
9 aiyam
10 blackndoor

      • JuanMusic1

        When i try the payload, it was wrong, but in a few moment i have tried the same payload an it works

  • Theriphunters

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • SpringBok

    Fade.js status is 404. In the console, I keep getting "GET https://web.ctflearn.com/web4/fade.js net::ERR_ABORTED 404".

  • beboms123

    First intro to SQL Injections for me! Awesome!

    • intelagent moderator badge ctflearn++ badge

      Glad you enjoyed, hope you learned something!

      • DonkeyPrime

        I' m an absolute noobie. what are the pre requisites? where should i start

  • Zahrah

    im noob i have no clue what i am doing when i input the url it wont work HELP

  • 0xLuois

    Good! i'm start learn CTF today. Very good program for me.

  • peri4n

    Could someone clarify if the 404 response of the fade.js is expected (part of the problem) or if there are technical problems with the server?

    • peri4n

      Confirmed it myself: fade.js is irrelevant for the problem.

  • Tinggaard

    I would assume it's an SQL-injection, but at the same time, I wouldn't consider those easy. Please help

  • mehedi1194

    flag is not there in well format like flag{here is the flag} its hard for those who is totally new in ctflearn but enjoyed

  • k4at3034

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • roylt84

    solved, easy once i realized I was looking at the wrong value for the key.

  • rockylance55

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

    • Dafaq

      Hi read w3schools/sql/sql. This site will give you info on how to do a basic SQL injection. Hope this helps.

  • HG86revient

    a pretty good challenge, I had an idea about SQLi but i needed to view the w3school's page

  • HG86revient

    a pretty good challenge, I had an idea about SQLi but i needed to view the w3school's page

  • nermish

    First CTF, No idea what I was doing, 10/10

  • brainfog

    So that's how a sql injection works, noob learned something

  • Gold

    Great first challenge, just a quick question: How can I reset a challenge back to unsolved If I wanted to here? Thanks

    • intelagent moderator badge ctflearn++ badge

      What's the use case for this? Currently, this functionality isn't available.

      • Gold

        was just curious to know, thanks for replying

        • intelagent moderator badge ctflearn++ badge

          If there is a use case we would love to include this functionality!

  • rusyaew

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • lawman

    I am new to this so happy i found this as my first challange learned a lot! Internet is your slave not your owner!

  • MChrisGM

    Really good, thanx for teaching me this

  • jmeagle

    hard for a person that had to look up sql

  • Maxbattleman

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • Kabilan

    Here is the challenge . But I want to learn first . Where I can learn

  • moroq

    Harder then I thought, 404 on js does not impact it

  • lifemeetsgent

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • Bossking12

    Is there a way I can learn how to do this. I have just started so I don't know how to do it.

  • zeronid

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • zeronid

    Great challenge for beginners , learned a little something about injections :)

  • zeronid

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • Chaos_99

    For a beginners challenge, I don't like that it's so silent. Giving me some error output would help me solve the problem or at east guide me along the way.

  • bazio

    abctf{uni0n_1s_4_gr34t_c0mm4nd}<<<< i found the flag but not working

    • marnianski

      any clue how much time its take them to patch the server?

  • Ebhodini

    Error 502: Bad gateway. Guys help :D

  • leerock2323

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • S0FA

    Error 502 Bad gateway

  • cardynlsyn ctflearn++ badge

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • dolos

    My frist ever SQL Injection!!! WOOHOO Thanks for this @intelagent

  • edddy

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

    • iamscripty

      go ro w3school sql injection page it may help, dont overthink

    • iamscripty

      go ro w3school sql injection page it may help, dont overthink

  • iamscripty

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • mrempty

    Unable to connect to https://web.ctflearn.com/web4/ Error 502

  • Ertersy

    I can't tell if it's supposed to be an error 504 or not... I'm completely new to this

  • Daddo4810

    Ok, 3 hours has passed and i'm still here like a dolphin in an aquarium

  • Answer

    If you are blocked on this one, try imagining how the query looks like.