wpi admin 2 Writeup
Wpictf 2021
Solved by : thewhiteh4t
- we login as dennisb@uupeye.edu again
- In student communication we get the link to admin portal : https://wpiadmin.wpictf.xyz/iyghfihGBKHJF9719fn113
- Bruteforcing did not work so I tried SQL login bypass using burpsuite
admin@uupeye.edu' or '1'='1
- Bypass is successful and we get the link for admin portal!