Home PicoCTF 2018 Web Exploitation 200: Irish Name Repo
Writeup
Cancel

Web Exploitation 200: Irish Name Repo

Challenge

There is a website running at http://2018shell1.picoctf.com:28402 (link). Do you think you can log us in? Try to see if you can login!

Solution

There is an admin login page vulneral to sql injection

1
2
username: admin
password: ' or 'x'='x

gives us the flag

Flag

picoCTF{con4n_r3411y_1snt_1r1sh_f58843c5}