# Cowboy World


# Vulnerability
Honestly, i didn't really know what type of vulnerability until now even i solved it. ?


# Solution

I am just playing around the website And i found (/robots.txt) that leads to another web path called (/sad.eml)


When I go to it, i got (.eml) email file


I looked into the email file.

I knew the email is send to [email protected]. And i noticed the letters in the line of 18,

said that "thats why a 'sadcowboy' is only allowed to go into our website".

So i knew that username is sadcowboy.

But i can't find the password, so i just testing some default passwords and i got one idea that why i don't try sql injection in password field.

So I used (sadcowboy) for username and for password i used (' or 1=1 --).


Well, you can tell that i am lucky because in my first try with sql injection, It worked! Perfect!


I really like this challenge. Thanks to all of CTF-organizers.

# Thanks For reading!

Original writeup (https://github.com/ComdeyOverFlow/DownUnder-CTF-2021/tree/main/Cowboy-World).