webPromedium
ПОСТимся (Posting/Fasting)
hackerlab
Task: Blog with search API that Base64-encodes filter parameter. Solution: UNION-based SQLi in SQLite via decoded filter interpolated directly into LIKE query, extract flag from sqlite_master enumeration.
$ ls tags/ techniques/
union_based_sqlibase64_encoding_bypasssqlite_schema_enumerationapi_parameter_injection
🔒
Permission denied (requires tier.pro)
Sign in to access full writeups
Sign in with GitHub to continue. No email required.
$sign in$ grep --similar
Similar writeups
- [web][Pro]Базовая авторизация 3 — HackerLab— hackerlab
- [web][Pro]B64Decoder— hackerlab
- [web][Pro]No Quotes— uoftctf2026
- [web][Pro]HackerTube— hackerlab
- [web][Pro]Code Control— undutmaning