Csharp: VulnJson - CTF

Below you will find some notes from Csharp: VulnJson - another nice CTF hosted by VulnHub. This time we will try to exploit SQL injection via JSON. Let's do it...

Your machine is waiting here (btw: remember to try 2nd machine prepared by Brandon Perry):

When VM is ready, we will start from the quick scan:

Ok, port 80 is ready so probably there is some HTTP server waiting for us. Let's try it (and leave nmap-window for a moment). Running dirb in 2nd console:

Ok, few results... Checking with nikto:

Ok, let's try this /bin/ directory now:

Cool.

After I grabbed all the files, there was a time for Ida... Quick overview:

Checking some functions:

More...

Cool, maybe we can use it later. ;]

Next:

Checking delete():

Checking selectUser():

Quick overview of the form:

Scroll down a little bit...

Let's look for that 'form' via the browser (and Burp;)) now:

Sending the form (and grabbing it in the Burp) is presented on the screen below:

I saved request to text file on Kali (s1) and run it (-r) with sqlmap:

I also tried the list method:

Just like before (s1; now s2.txt):

Results from the 1st file (s1.txt):

s2.txt is also ready:

Below you will find the screen with some 'sample payloads' from sqlmap:

...and small info-gathering ;P

What's next? Now...

You should definitely check that 2nd one CTF prepared by Brandon.  ;]

Cheers
o/