The page looks like this:
look at the code:
and password verify function looks like this:
so sql injection:
so we unleash sqlmap over it:
so we have the export functionality to get the file:
look at the Dockerfile:
when we give the payloaD:
Last updated 1 year ago
admin\"
ichliebedich
sqlmap -r request.txt --batch --dump
HTB{T1m3_b4$3d_$ql1_4r3_fun!!!}
