CTFtime.org

Simple SQL Injection

by sirmatrixpage / Egyptian Cyber Security Team

Rating:

Hello

Simple SQL Injection

URL : http://138.197.41.168/ctf3/login.html

We Can Try To Enter [ admin ] [ Login Bypass Using SQL Injection Payload ]

Like True ' or 1-- -'

admin : ' or 1-- -'

![](http://image.prntscr.com/image/5d3b13e3cfc04a0b98cb663ce528fe79.png)

okay we in login page

![](http://image.prntscr.com/image/ee7b5858360249cba2adc46785df6dcf.png)

The hint is " FLAG IS AROUND HERE SOMEWHERE "

i can look in page source code

![](http://image.prntscr.com/image/5bc37d59a3134194b202af71692ceafc.png)

Okay , The Flag Is

Thanks

Comments