Sws101_ctf5

Topic : Lesson Learned

Overview

In this task, we explore the concepts of incident response (IR) and the impact of SQL injection attacks. In this practical challenge, we are tasked with exploiting a SQL injection vulnerability on a login page to retrieve a hidden flag. This exercise demonstrates the risks associated with SQL injection and the importance of proper input validation.

Steps to Solve the Task

1. Deploy the Machine

• Start the vulnerable machine by clicking the “deploy” button on the TryHackMe platform.

2. Navigate to the Login Page

• Access the login page at http://MACHINE_IP/.

3. Attempt SQL Injection

• Use Burp Suite to send the login request to Burp Intruder and try various SQL injection payloads.

4. Analyze the Response

• After attempting SQL injection, you may receive a message indicating that the flag has been deleted. This highlights the danger of using broad SQL injections like OR 1=1, which can affect all rows in a database table.

5. Use a Targeted SQL Injection

• To retrieve only a single row, use the following SQL injection payload with a random password:

6. Retrieve the Flag

Submit the login form with the targeted SQL injection which will bypass the login and display the flag.

The flag is: THM{a*************e}.

Summary

In this task, we explored the consequences of SQL injection attacks on a web application. This exercise underscores the importance of input validation and security measures to protect against SQL injection vulnerabilities.