AmazingCryptoWAF – @LiveOverflow’s CTF challenge walkthrough – ALLES! CTF
https://www.youtube.com/watch?v=v784VBx9w8g
✉️ Sign up for the newsletter ✉️
https://mailing.bugbountyexplained.com/
This video is a solution of Amazing Crypto WAF challenge from ALLES! CTF. The task was created by one of the most popular YouTubers in our industry – LiveOverflow. The solution involved bypassing WAF (Web Application Firewall), exploiting blind SQL injection and decrypting the flag.
Exploit code:
https://gist.github.com/gregxsunday/6025fabfbe3ccc74b6563d77d55a730f
? Get $100 in credits for Digital Ocean ?
https://m.do.co/c/cc700f81d215
Follow me on twitter:
https://twitter.com/gregxsunday
Timestamps:
00:00 Intro
00:47 See how the challenge is built
01:40 Detecting the SQL injection
03:20 Bypassing the WAF
05:30 Constructing the SQL query
06:33 Decrypting the flag
08:14 Exfiltrating the data using blind SQL injection
#ctf #writeup
Add comment