Post

[NeverLAN 2019] - SQL FUN 1

Posted
By Lucian Nitescu 1 min read

Image of NeverLAN CTF 2019

Description:

Solution Author:

Lucian Nitescu, as part of jmp 0xc0ffee team.

Solution:

On this challenge, I was provided a basic and unrestricted SQL "console" that allowed me to enter any SQL query.

As easy as it may sound, I performed a basic select in order to retrieve the user password. Funny enough the application requires an at least one valid whare cause, so I did that:

  • SELECT * FROM users WHERE 1

The flag is: flag{SQL_F0r_Th3_W1n}

neverlan, ctf, writeups
2019 writeups CTF challange neverlan
This post is licensed under CC BY 4.0 by the author.