[NeverLAN 2019] - SQL FUN 1
Description:
Solution Author:
Lucian Nitescu, as part of jmp 0xc0ffee team.
Solution:
On this challenge, I was provided a basic and unrestricted SQL "console" that allowed me to enter any SQL query.
As easy as it may sound, I performed a basic select in order to retrieve the user password. Funny enough the application requires an at least one valid whare cause, so I did that:
- SELECT * FROM users WHERE 1
The flag is: flag{SQL_F0r_Th3_W1n}
This post is licensed under CC BY 4.0 by the author.