webhackingkr old 02
This is a challenge old-02 from webhacking.kr. I was stuck trying to understand how people were discovering this SQLi vulnerability through a cookie, as no blog posts explained why the attack was effective. This wasn’t a typical SQLi challenge that I’m used to, so I really wanted to know why it worked the way it did. The goal of this challenge is to figure out the password used for the admin.php page (mentioned in the HTML comment). ...