Wpictf 2021

wpi admin 2

Solved by : thewhiteh4t

  • we login as dennisb@uupeye.edu again
  • In student communication we get the link to admin portal : https://wpiadmin.wpictf.xyz/iyghfihGBKHJF9719fn113
  • Bruteforcing did not work so I tried SQL login bypass using burpsuite
    admin@uupeye.edu' or '1'='1

  • Bypass is successful and we get the link for admin portal!

Published on : 26 Apr 2021