Add injection1.
This commit is contained in:
parent
dab837b405
commit
d3ab90ea5b
3 changed files with 12 additions and 0 deletions
1
injection1/description.md
Normal file
1
injection1/description.md
Normal file
|
@ -0,0 +1 @@
|
||||||
|
I need help logging into this [website](https://injection1.web.easyctf.com) to get my flag! If it helps, my username is `admin`.
|
4
injection1/grader.py
Normal file
4
injection1/grader.py
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
def grade(autogen, key):
|
||||||
|
if key.find("a_prepared_statement_a_day_keeps_the_d0ctor_away!") != -1:
|
||||||
|
return True, "You got it!"
|
||||||
|
return False, "Nope. Keep poking around."
|
7
injection1/problem.yml
Normal file
7
injection1/problem.yml
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
author: mzhang
|
||||||
|
title: SQL Injection 1
|
||||||
|
hint: What does "injection" mean? How can you "inject" code into your username to control the username lookup?
|
||||||
|
category: Web
|
||||||
|
autogen: false
|
||||||
|
programming: false
|
||||||
|
value: 100
|
Loading…
Reference in a new issue