Port enumeration

Using nmap, I found an http server open. bc27fdbbfddab7da70fd69d60e29cb86.png

Web enumeration

First thing I found in the web server is a log page. 3c6db59991bbcf16879dfaacdda0cb49.png After some testing, I found who this log page is vulnerable to SQLI. d7e21fc770ca70dd2f5d5d21819c0129.png Using the clasic query ' OR 1=1 -- -' I bipass the login page, geting the flag. 1a61f4e542fa9002b73cf93401d0b698.png

POC START HERE ---------------------

{{ 7 * 7 }}