webProeasy
Раздача купонов (Coupon Giveaway)
duckerz
Task: Web application with coupon giveaway form vulnerable to SQL injection. Solution: UNION-based SQLite injection to enumerate tables via sqlite_master and extract flag from s3cret table.
$ ls tags/ techniques/
union_sql_injectionsqlite_master_enumerationcolumn_count_detection
🔒
Permission denied (requires tier.pro)
Sign in to access full writeups
Sign in with GitHub to continue. No email required.
$sign in$ grep --similar
Similar writeups
- [web][Pro]Gondex Dev— web-kids20
- [pentest][Pro]Лотерея (Lottery)— hackerlab
- [web][Pro]Dosie X (Dossier X)— hackerlab
- [web][Pro]143 - Личный блог— duckerz
- [web][Pro]Базовая авторизация 3 — HackerLab— hackerlab