Appointment
Last updated
Task 1: What does the acronym SQL stand for?
A quick Google search shows that it is Structured Query Language.
Task 2: What is one of the most common types of SQL vulnerabilities?
A Google search shows SQL Injection.
Task 3: What does PII stand for?
A Google search shows Personally Identifiable Information.
Task 4: What is the 2021 OWASP Top 10 classification for this vulnerability?
This one took a bit more than the other ones. I first googled the top 10 OWASP vulnerabilities for 2021. It took a while to realize that the answer was the full name, like the hint suggested.
A03:2021-Injection
Task 5: What does Nmap report as the service and version that are running on port 80 of the target?
I ran the following nmap scan and got the answer:
Task 6: What is the standard port used for the HTTPS protocol?
I just know this from memory to be 443.
Task 7: What is a folder called in web-application terminology?
Pretty sure it is "directory". Which it is.
Task 8: What HTTP response code is given for 'Not Found' errors?
Pretty sure this is 404.
Which it is.
Task 9: Gobuster is one tool used to brute force directories on a webserver. What switch do we use with Gobuster to specify we're looking to discover directories, and not subdomains?
I knew from memory that it is "dir".
Task 10: What single character can be used to comment out the rest of a line in MySQL?
It took a couple of tries, but I recalled that # comments out text in Python, and it does the same in SQL.
Task 11: If user input is not handled carefully, it could be interpreted as a comment. Use a comment to login as admin without knowing the password. What is the first word on the webpage returned?
Go to your web browser and go to the IP address given which should give you a login page.
I first tried just the # at the end of the username "admin". But that didn't work.
I had to go into the write-up to get familiarized with how basic SQL injection works.
You first use a ' to finish out the string input and then place a # to comment out the rest which would be the password validation.
This will take you to a new page, and the first word will be "Congratulations".
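To see why the ' and # from Tasks 10 and 11 work, and what stops them, here is an added example (my own code, not from the room or the write-up) that puts the vulnerable string-concatenated login query next to a parameterized one. The users table and passwords are constructed sample data. SQLite is used so it runs offline; because SQLite does not treat # as a comment marker the way MySQL does, a small helper emulates MySQL's "# to end of line" comment handling before the query is run.

```python
import sqlite3

# Constructed sample data for this demo, not the room's real table.
SAMPLE_USERS = [("admin", "s3cret-admin-pw"), ("alice", "alice-pw")]


def _connect() -> sqlite3.Connection:
    """Create an in-memory database with a tiny users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def build_vulnerable_query(username: str, password: str) -> str:
    """The injectable pattern: user input pasted straight into the SQL text."""
    return (
        "SELECT username FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )


def strip_mysql_hash_comment(sql: str) -> str:
    """Emulate MySQL's '#' comment: drop from an unquoted '#' to end of line.

    Simplified: it tracks single-quoted string literals so a '#' inside a
    literal is kept. Only needed because SQLite, used to run the query here,
    has no '#' comment syntax (a hypothetical helper, not a library call).
    """
    out = []
    in_string = False
    for ch in sql:
        if ch == "'":
            in_string = not in_string
        elif ch == "#" and not in_string:
            break
        out.append(ch)
    return "".join(out)


def vulnerable_login(username: str, password: str) -> bool:
    """Login check built by concatenation: the password clause can be commented away."""
    conn = _connect()
    sql = strip_mysql_hash_comment(build_vulnerable_query(username, password))
    row = conn.execute(sql).fetchone()
    conn.close()
    return row is not None


def safe_login(username: str, password: str) -> bool:
    """Same check with bound parameters: input is data, never SQL syntax."""
    conn = _connect()
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    conn.close()
    return row is not None


if __name__ == "__main__":
    crafted = "admin'#"
    print(build_vulnerable_query(crafted, "anything"))
    print("vulnerable:", vulnerable_login(crafted, "anything"))  # True
    print("parameterized:", safe_login(crafted, "anything"))     # False
```

Printing the concatenated query shows the mechanism from Task 11: the ' closes the username string and the # turns the rest of the line, including AND password = '...', into a comment, so the query degrades to WHERE username = 'admin'. With bound parameters the whole string admin'# is compared as a literal username, no such user exists, and the login fails. Parameterized queries (prepared statements) are the fix, not filtering of individual characters.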
Capture the Flag:
On the same page from the previous task, it gives you the flag:
e3d0796d002a446c0e622226f42e9672