29 Nov

PicoCTF 2013 – Injection

Points: 110

Text: Use the Loading Bay Control System to get the admin key! Problem

Solution: When we open the page we get a page with a username field. Considering the name of the challenge we probably have to do a SQL injection.
We first try the most basic injection:

‘ or 1=1 #

This code will change the “correct” username to a logic operation that checks if either username OR 1=1 is true. Since 1=1 is always true the logic will become username OR true, which is always true as well.

The # in SQL is a comment symbol, everything behind it will become a comment and won’t run as SQL code.

When we inject the code above we get a list of usernames and password hashes. At the bottom of this list we’ll find our flag.

Flag: bad_code_and_databases_is_no_fun

For other challenge write-ups from this CTF see the overview.

Leave a Reply

Your email address will not be published. Required fields are marked *