damo.clanteam.com Security Challenge III [Writeup]

alright , this one is easy .  the challenge is on basic SQL Injection . In the challenge application there is a SQL injection vulnerability in member-info.php page . its a basic UNION based SQL injection , from there I used sqlmap to spice things up

vulnerable application URL is




so the password were encrypted with SHA1 encryption . for that I used a online hash database to get plain text password


and using “stanllone” as the user name and fire as the password I logged into the members area

that’s about it . see you soon guys


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s