Appointment

Tier1 Starting Point HTB Very Easy
Victor Mwai

Security Analyst || CTF player

Isaiah 6:8

Introduction

Task 1

What does the acronym SQL stand for?

Structured Query Language

Task 2

What is one of the most common types of SQL vulnerabilities?

SQL injection

Task 3

What is the 2021 OWASP Top 10 classification for this vulnerability?

A03:2021-Injection

Task 4

What does Nmap report as the service and version that are running on port 80 of the target?

Apache httpd 2.4.38

Task 5

What is the standard port used for the HTTPS protocol?

443

Task 6

What is a folder called in web-application terminology?

Directories

Task 7

What HTTP response code is given for ‘Not Found’ errors?

404

Task 8

Gobuster is one tool used to brute force directories on a webserver. What switch do we use with Gobuster to specify we’re looking to discover directories, and not subdomains?

dir

Task 9

What single character can be used to comment out the rest of a line in MySQL?

`#`

Task 10

If user input is not handled carefully, it could be interpreted as a comment. Use a comment to login as admin without knowing the password. What is the first word on the webpage returned?

Congratulations

After I visited the site, I went ahead and used the payload `admin' #` in the username field, then put some gibberish data in the password field, and was able to log in. I got my payload from PayloadsAllTheThings.
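The login bypass above, as an added example that is not code from the original post or from the HTB box: a constructed SQLite database, the vulnerable string-concatenated login query next to a parameterised one, and the `admin' #` payload rendered as the exact query text a MySQL backend would receive. SQLite has no `#` comment, so the bypass that actually executes here uses the `-- ` comment (trailing space included, which MySQL also requires for `--`) to do the same thing. The table, rows and function names are assumptions.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed demo database (not the HTB target). Plaintext passwords
    are used only to keep the example short."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("admin", "S3cret!"), ("alice", "hunter2")],
    )
    conn.commit()
    return conn


def build_query(username: str, password: str) -> str:
    """The vulnerable pattern: user input concatenated straight into SQL text.
    With username = "admin' #" the quote closes the literal early and MySQL
    treats everything from # to end of line as a comment, so the password
    check disappears."""
    return (
        f"SELECT id FROM users WHERE username = '{username}' "
        f"AND password = '{password}'"
    )


def vulnerable_login(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Executes the concatenated query; returns True if any row matches."""
    row = conn.execute(build_query(username, password)).fetchone()
    return row is not None


def safe_login(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Parameterised query: the driver passes the values separately from the
    SQL text, so quotes and comment markers inside them are data, not syntax."""
    row = conn.execute(
        "SELECT id FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row is not None


if __name__ == "__main__":
    conn = make_db()
    # What MySQL would receive for the payload used on the box:
    print(build_query("admin' #", "gibberish"))
    # Same trick with the comment marker SQLite understands:
    print(vulnerable_login(conn, "admin", "gibberish"))       # wrong password, no bypass
    print(vulnerable_login(conn, "admin' -- ", "gibberish"))  # comment swallows the password check
    print(safe_login(conn, "admin' -- ", "gibberish"))        # parameterised query is not fooled
```

Running the block prints `SELECT id FROM users WHERE username = 'admin' #' AND password = 'gibberish'` for the first line; everything after `#` is dead text to MySQL, which is why any password works. The fix is the parameterised form, not filtering `#` or quotes.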

And just like that, we were able to pwn the machine.
