"Go from hacking web to solving puzzles"
The admin seems to have forgotten the password, so he just want you to recover by bypassing the login page.
Good Luck!
Challenge link: https://harsh1tarora.pythonanywhere.com/
We are supposed to bypass the login page. So, we try SQL injection.
We try admin' or 1=1-- as the username and 1 as the password.
admin' or 1=1--
1
We are presented with a shell after bypassing the login page.
Using help we can see the list of commands available.
help
We can use flag to get the flag.
flag
xCTF{y0u_f0und_m3_n0_way!}
Last updated 2 years ago
