NOTES

NOTES  USEFULL WEBSITES:- 1)cybercrime.gov.in 2)csk.gov.in 3)nciip.gov.in 4)ceir.gov.in 5)consumerhelpline.gov.in 6)bprd.nic.in 7)meity.gov.in  1. All About Web Our heist has come to a position where we are stuck with the web interfaces but we need your help Visit https://chall.hackershala.com Site: https://chall.hackershala.com/ SQLi was bypassed with ' or 1=1-- in both fields CTF{YOUGOTTHEFLAG} is the flag The other part was just robots.txt CTF{YOUAREHACKER} is the flag. 2. Not Just SQL There have been a breakthrough in our heist but we still cant access chall2.hackingbrawl.com as a privileged user. As usual, there is a login page: https://chall2.hackingbrawl.com/newlogin.php (This challenge was the next in the sequel to the basic sqli one) At first few SQL injection methods were attempted, but these went in vain. Upon using sqlmap, it was discovered that the site was vulnerable to time-based-blind injection. So manual attempts were done, the site see...