หน้าเว็บ

วันอาทิตย์ที่ 25 ตุลาคม พ.ศ. 2558

TUM CTF Teaser: webshop (Web) Write-up


Description:
Well, I found this shop and their offers are quite awesome, but something here smells... fishy. 1.ctf.link:1124
Solution: 

1. Access to http://1.ctf.link:1124 and look around, I found this site use free web template from freewebsitetemplates.com

2. Try view-source to find something interest but not found, I think it just a static website.

3. Found interest in search form that action to search.php.



4. It should be have a name="search" right? , but It have value="search" only.


5. Try to search and intercept request with Burp Suite, not found a value that I input to search. :)


6. Add search parameter to post request and copy all line to webshop.txt


7. Using sqlmap and -r option to Load HTTP request from a file and set -p "search" for inject to search parameter.



8. SQL Injection vulnerability found in search parameter!! try to find tables, columns, dump data and get the flag!


Flag: hxp{this_is_just_a_place_holder}

ไม่มีความคิดเห็น:

โพสต์ความคิดเห็น