Hello guys, my name is Mohamed Yasser (Nitro). This is a new writeup that will show you a new technique to dump the admin account of a website in only 10 minutes.
First, our target: we will refer to it as example.com. When I tried to solve this CTF, I found that I couldn't edit any page or create one and couldn't access it, and example.com redirected me to the login page, so I fired up my Burp Suite to see what happened and found this
So I checked whether the login page had any SQL injection by trying the user (name = mohamed') at username
and Boom :) found error-based when I got this response
So good news :) I will try to save this POST request of the login page to a text file to access the database with sqlmap commands
sqlmap -r /home/nitro/Desktop/123456.txt --dbs
but unfortunately sqlmap couldn't access anything
So I tried to do this manually with Burp Intruder :) I took this request and sent it to Intruder to find the length of the username and password with this injection command, and set the min & max length in Intruder to 0>>>20 for the username payload and 0>20 for the password
and found a different length in the response at username = 9 and password = 6
And now finally we know the number of characters in the admin's username and password, so we will brute force this account in only one step each for the username and password ... with this one command, in which the username = 9 characters, each of them referred to by $_$
and this is my fucken fast result
Bingo :) username =francisco
Then just change the number of $_$ to 6 and replace username with password, like this
and this is the result
password = manual :)
Actually I did this manually, and the password is the same word as manually :)
So let's fire up my browser and see if we can get this fucken flag or not!
and Bingo :) we got the flag, wow (:
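The quote test and the response-length guessing above work because the login query is assembled from raw input and the application's responses differ with the database's result. As an added example, not code from the CTF target (the table, column and function names and the sample account are assumptions, with SQLite standing in for the unknown backend), here is that pattern beside a parameterized version:

```python
import sqlite3


def make_db():
    """In-memory users table holding one constructed sample account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password_hash TEXT)")
    db.execute("INSERT INTO users VALUES (?, ?)", ("alice", "constructed-hash"))
    return db


def login_vulnerable(db, username, password_hash):
    """Concatenates input into the SQL text, so input can change the query."""
    query = ("SELECT 1 FROM users WHERE username = '" + username +
             "' AND password_hash = '" + password_hash + "'")
    try:
        return "ok" if db.execute(query).fetchone() else "denied"
    except sqlite3.Error as exc:
        # Echoing the database error to the client is the "error based" signal.
        return "db error: " + str(exc)


def login_hardened(db, username, password_hash):
    """Binds input as parameters, so it is always treated as data."""
    try:
        row = db.execute(
            "SELECT 1 FROM users WHERE username = ? AND password_hash = ?",
            (username, password_hash),
        ).fetchone()
    except sqlite3.Error:
        # Log the detail server-side; the client gets the same generic answer.
        return "denied"
    return "ok" if row else "denied"


if __name__ == "__main__":
    db = make_db()
    for name in ("alice", "mohamed'"):  # second value is the quote test from the writeup
        print(repr(name), "| vulnerable:", login_vulnerable(db, name, "x"),
              "| hardened:", login_hardened(db, name, "x"))
```

With the hardened function, a stray quote and a wrong password produce the same response, so there is no error message or response-length difference to measure.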
Finally, this writeup is finished. I hope you had a good time reading this writeup and got this fast technique I found and wanted to share with you (: So good night.