VishwaCTF-22 => “My Useless Website”
Challenge Info
Description: I made this website having simple authentication used in it. But unfortunately I forgot the credentials. Can you help me to find the correct one ??
URL: https://my-us3l355-w3b51t3.vishwactf.com/
Solution
As the description says, a person created a basic authentication and he forgot its user and password. So, just having a look at the website:-
So here entering some credentials, like “admin” : “admin”, “administrator” : “administrator”, etc. but failed. So the following things came to my mind
- Bruteforce
- SQLi
- Via response modification
So, starting with the most critical one, SQLi. So, just entered (‘) in the username field and successfully got an error. So I sent the request to the intruder, and as well as password used the payload from https://github.com/payloadbox/sql-injection-payload-list/blob/master/Intruder/exploit/Auth_Bypass.txt (for authentication bypass)
Since all the response were having a 200 status code and I didn’t had burp pro, i manually start to look at them and finally found multiple having a success and also containing the flag
Takeaways
- Test for SQLi in password field as well.
- Use payloads for specific purpose, e.g. for auth bypass, for RCE, etc.
Get more VishwaCTF-22 writeups here