Auth-Bypass
Found 2 related articles
Back to Tags- 2024-11-18
Appointment - Authentication Bypass via SQL Injection (SQLi)
Technical writeup detailing the compromise of the Appointment machine. The primary vulnerability is an Authentication Bypass via SQL Injection (SQLi) affecting the web application's login form. By injecting the payload 'admin'#' into the username field, the SQL query is manipulated to bypass the password check, allowing unauthenticated access as the admin user to retrieve the flag.
- 2024-09-18
Injection - SQLi Authentication Bypass and SUID Privilege Escalation
Technical writeup covering the compromise of the 'Injection' challenge. Methodology includes port scanning, exploitation of a SQL Injection vulnerability for authentication bypass (' OR 1=1-- -), securing initial access via SSH, and leveraging a vulnerable SUID binary ('env') via GTFObins for root privilege escalation.