Web - Server
SQL injection - authentication - GBK
Hello,
So it took me quite a while to figure this out even though my payload was correct.
When injecting with Burp it didn’t work (Erreur d’identification), but when I used the hackbar extension it did. The injection payload was exactly the same, I even used ZAP as a proxy for burp to compare the payloads.
Any how, just use the hackbar, it’s as easy as you would expect.
I wasted a lot of time with this, I don’t want you to waste as much as I did 😉
Peace.
SQL injection - authentication - GBK
Even I was stuck for quite a time with Burp because of Erreur d’identification.
But It is the redirection which was blocking us to see the real flag.
We need to click of Follow Redirection when sending the payload to server in Repeater to view the flag.
SQL injection - authentication - GBK
OMG ! !
Thank you sooo much. I’ve been at this for sooo long now and all I had to do is to NOT follow the redirection.
HAHAHAHA ! ! Just to say that sometime it is the stupidest stuff that get you stuck.