Add injection1.

2017-03-11 01:24:22 -06:00 · 2017-03-11 01:24:22 -06:00 · d3ab90ea5b
commit d3ab90ea5b
parent dab837b405
3 changed files with 12 additions and 0 deletions
--- a/injection1/description.md
+++ b/injection1/description.md
@ -0,0 +1 @@
+I need help logging into this [website](https://injection1.web.easyctf.com) to get my flag! If it helps, my username is `admin`.
--- a/injection1/grader.py
+++ b/injection1/grader.py
@ -0,0 +1,4 @@
+def grade(autogen, key):
+    if key.find("a_prepared_statement_a_day_keeps_the_d0ctor_away!") != -1:
+        return True, "You got it!"
+    return False, "Nope. Keep poking around."
--- a/injection1/problem.yml
+++ b/injection1/problem.yml
@ -0,0 +1,7 @@
+author: mzhang
+title: SQL Injection 1
+hint: What does "injection" mean? How can you "inject" code into your username to control the username lookup?
+category: Web
+autogen: false
+programming: false
+value: 100
				`@ -0,0 +1 @@`
				I need help logging into this [website](https://injection1.web.easyctf.com) to get my flag! If it helps, my username is `admin`.