We are asked to bypass the login page in the website.
I decide to try with the most basic SQLi attack ' OR 1=1 --
I try to login with that payload.
And we are in! Now we are challenged to find the flag which is hidden in 'plain sight'. So I right click on the webpage, and click on "View Page Source"
..and there was the flag hidden in "plain sight".
Top comments (0)