L4nzN0t
L4nzN0t14mo ago

SQLi without spaces - CTF

Hi guys!! How are you? I’m struggling with a CTF challenge from a event in my town, and I’m stuck in a SQLi vulnerability. Until now, I figured out there is a SQLi, but I can’t understand how can I exploit it. May the experts can help me 😂😅
No description
1 Reply
_null
_null13mo ago
You want to lookup how to make a post request. It can be done within burp or you could use other tools such as curl.
curl -X POST \
-H "Content-Type: application/json" \
-d '{"key1": "value1", "key2": "value2"}' \
https://example.com/api/endpoint
curl -X POST \
-H "Content-Type: application/json" \
-d '{"key1": "value1", "key2": "value2"}' \
https://example.com/api/endpoint
in this particular case you would have submitted your sqli in the employee_id field

Did you find this page helpful?