PicoCTF 2017 – No Eyes

This was a pretty fun little challenge. The blurb we get about the challenge is: The¬†website¬†isn’t really me much, but you can still get the admin password, right? Trying to break the web app using single quotes to login revealed the actual SQL query. Using this I tried the query ‘ or pass like ‘%’ … Read morePicoCTF 2017 – No Eyes