SadQL
Hi hackers My Name is Mosaa author sadql challenge
Challenge is Medium with 600 points
First i will try write any username and password
And the server is responce a error
When i added a ' or " the server response same previous response
I tried several query and also doesn’t get anything so i will try force the server to get error
Then in will change the email parameter from normal parameter to arrary
Great i get the email parameter is pass in addslashes function then i will searche to get bypass for this function
T found the article https://www.openbugbounty.org/blog/_r00t1ng_/bypass-addslashes-using-multibyte-character/
And now il will try to bypass the login
Now after use the technique i found in the previous article i get a sql error
Let’s write a payload to bypass the login %bf%5c'+OR+1=1#
But i found the spaces and or was deleted
I will try %bf%5c'/**/||/**/1=1# but still have error
Okay let me put this payload %bf%5c'/**/oorr/**/1=1# or %bf%5c'/**/o+r/**/1=1# and done those working
