OverTheWire Natas 20-24

Level 20 User: natas20 Pass: eofm3Wsshxc5bwtVnEuGIlr7ivb9KABF Back to having source code, let’s take a look and find the important stuff.    if($_SESSION and array_key_exists("admin", $_SESSION) and $_SESSION["admin"] == 1) {    print "You are an admin. The credentials for the next level are:<br>";    print "<pre>Username: natas21\n";    print "Password: <censored></pre>";    } So first we can see that there... Continue Reading →

OverTheWire Natas 0-9

Lately I've been working on the Natas challenges again. Been a while since I have but I was surprised at how much easier the challenges were for me now compared to the last time. Here are levels 0 through 9. While these challenges are very basic the later Natas challenges have actually gotten quite intuitive.... Continue Reading →

What’s an SQL Injection?

SQL Injection What is an SQL injection? URL encoding Types of SQL injections How basic SQL injections work   What is an SQL injection? This code injection technique is used to attack data-driven applications. Attackers can insert SQL statements into an entry field on a vulnerable website for execution. A common reason for using this... Continue Reading →

Create a website or blog at WordPress.com

Up ↑