[CTF] CTFLearn.com – Basic Injection

Ok, here is the solution for the very basic SQL injection CTF located on https://web.ctflearn.com/web4/.

When you load the page you see this:

ctflearn1

There is nothing to do here, except entering some inputs, which leads nowhere.

So, I checked the source code of the webpage.

Very simple stuff, but look at that comment line.

ctflearn

I tried all three, and Luke was the one giving me something… useful?

ctflearn

It seems we can query usernames, and some data related to them. But there is nothing more.

The CTF is named as “Basic Injection”. So, l decided to try the most basic SQL hacking techniques.

If your aim is to dump a database, the most basic technique you can use is the “OR 1”, which is a simple yet devilish way to alter the query to trick the database.

Here is how it works:

A legitimate query would be something like this;

SELECT * FROM User WHERE Name =’ ‘

But we alter the query and enter ‘ or ‘1’=’1 in the input field instead of the actual name. And look what happens;

SELECT * FROM User WHERE Name =’‘ or ‘1’=’1

Because of the fact that 1=1 would always return TRUE, this query simply means “Show me everything”.

And here is the result:

ctflearn

Look at that name “fl4g_giv3r”. Obviously, the Data portion was our flag, we successfully captured it.

Too easy?

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s