webhard

Dosie X (Dossier X)

hackerlab

Task: Exploit a Flask web application with user registration to retrieve admin credentials. Solution: Inject SQL via the unvalidated "about" field during registration using SQLite string concatenation, enumerate the database schema, extract the admin MD5 password hash, crack it with John the Ripper, and log in as admin.

$ ls tags/ techniques/
sql_injection database_enumeration md5_cracking
