Tags: sqli web sql
Rating:
# Space Force 100
## Description
```
The Space Force has created a portal for the public to learn about
and be in awe of our most elite Space Force Fighters.
Check it out at fun.ritsec.club:8005!
Author: neon_spandex
```
## Solution
When acessing the website we are provided with an input field to search for space ship results.
The solution was a simple sql injection: ```The javelin' or '1' = '1``` which returns back every value.
Flag: RITSEC{hey_there_h4v3_s0me_point$_3ny2Lx}
