Task 1
What does the acronym SQL stand for?
(SQL 缩写代表什么?)
Structured Query Language
Task 2
What is one of the most common type of SQL vulnerabilities?
(最常见的 SQL 漏洞类型之一是什么?)
SQL Injection
Task 3
What is the 2021 OWASP Top 10 classification for this vulnerability?
(此漏洞的 2021 年 OWASP Top 10 分类是什么?)
A03:2021-Injection
Task 4
What does Nmap report as the service and version that are running on port 80 of the target?
(Nmap 报告在目标的 80 端口上运行的服务和版本是什么?)
$ nmap -p 80 -sV 10.129.222.12
Apache httpd 2.4.38 ((Debian))
Task 5
What is the standard port used for the HTTPS protocol?
(HTTPS 协议使用的标准端口是什么?)
443
Task 6
What is a folder called in web-application terminology?
(Web 应用程序术语中的文件夹是什么?)
directory
Task 7
What is the HTTP response code is given for 'Not Found' errors?
("未找到"错误的 HTTP 响应代码是什么?)
404
Task 8
Gobuster is one tool used to brute force directories on a webserver. What switch do we use with Gobuster to specify we're looking to discover directories, and not subdomains?
(Gobuster 是一种用于暴力破解网络服务器上目录的工具。我们在 Gobuster 中使用什么开关来指定我们要发现目录,而不是子域?)
dir
Task 9
What single character can be used to comment out the rest of a line in MySQL?
(MySQL 中可以使用什么单个字符来注释掉一行的其余部分?)
Task 10
If user input is not handled carefully, it could be interpreted as a comment. Use a comment to login as admin without knowing the password. What is the first word on the webpage returned?
(如果不仔细处理用户输入,它可能会被解释为评论。使用评论以管理员身份登录,无需知道密码。返回的网页第一个单词是什么?)
Ps:其实这里应该用gobuster来爆破目录出登录页面的,但是这里可能环境有问题直接访问就自动跳转到登录页面了
username:admin'# password:any
Congratulations
Flag
e3d0796d002a446c0e622226f42e9672