Standard SQL injection challenge in which dumping out the data in the database reveals the flag.

Challenge Description




Unfortunately, I do not have access to the original scoreboard or the web server so some of the details of the solution are reconstructed from memory.

The following URL was vulnerable to SQL injection on the id parameter:

Using sqlmap to dump the entire database gives us the flag:

Database: sgctf
Table: fl4g
[1 entry]
| you_cant_see_me              |
| FLAG{J0hn C3n4!!!!!!!!!!!!!} |

Flag: FLAG{J0hn C3n4!!!!!!!!!!!!!}

Leave a Comment