Not much from this challenge will carry over to SQLi but the "PHP Tricks (SPA)" and "Bash Filter Evasion" techniques we looked at on HackTricks might help with future PHP filter bypass and command injection challenges. For SQLi specifically there are many ways to bypass blacklisted chars though e.g. portswigger.net/support/sql-injection-bypassing-common-filters 😉 Thanks for the feedback 🥰
![Decoding, Brute-Forcing and Crafting Flask Session Cookies - "web-intro" [DefCamp CTF 2022]](http://i.ytimg.com/vi/dA28abgc57o/mqdefault.jpg)
![Decoding, Brute-Forcing and Crafting Flask Session Cookies - "web-intro" [DefCamp CTF 2022]](/img/tr.png)
![Web Challenges [Space Heroes CTF 2023]](/img/n.gif)
Thanks!
🥰
💯% helpful sick Tricks. always anxious for alerts when you upload a new video!
Awww great to hear, thanks mate! 🥰
could you also make a video for it-support
I didn't do that one 😬 Did you see any good writeups for it?
🔥🔥
🥰
Sir, can we use this method for other injection like SQL, etc.. thanks for teaching a new way to find vulnerability 🤩🤩
Not much from this challenge will carry over to SQLi but the "PHP Tricks (SPA)" and "Bash Filter Evasion" techniques we looked at on HackTricks might help with future PHP filter bypass and command injection challenges.
For SQLi specifically there are many ways to bypass blacklisted chars though e.g. portswigger.net/support/sql-injection-bypassing-common-filters 😉 Thanks for the feedback 🥰
@@_CryptoCat thank you so much sir
💜