Tags: sqli web
Rating:
1. At first we landed in a login form. So, we can try several things to hack this page. But, as the title is " Super Secure " . So, we can't use XSS. Rather we can use SQL Injection method to bypass this secure login page.
2. Now, put a single quote in bot field and login.
3. Well, we can see an SQL error page.
4. So, I tried ```admin' or '1'='1``` and logged in. And I got the flag as well.
Flag : ```EZ-CTF{N0t_S0_S4f3_4ft3r_411}```
If you are facing any problem understanding this writeups then you can check my vfromideo POC [here](https://youtu.be/LkfQ7yNSNCM) .