hacking, owasp, web application security

The BodgeIT Store Series #2, Find Hidden Content as a Non-Admin User – #bodgeit #infosec #pentest #appsec #webapp

Happy Hacking!

Today’s post is #2 in a series of solving the BodgeIt Store vulnerability.

If you want to read the initial post, click HERE.

As the title says, we’re going to solve the vulnerability of finding hidden content as a non-admin user.

Let’s begin.

Going back to the Scoring Page (About Us –> Scoring Page Link) we see the following. Pay attention to our username, right now we’re logged in as a guest user.


Going to the home page we see the following:


What would happen if we view the HTML source of the page? Let’s try it.

Right clicking the page, and select View Page Source we see:


Hmm… we see a commented code on line 41 (green line) that shows a link to an admin page. What will happen if we navigated to this page?

Navigating to this page we see the following:

We found a hidden page! This page lists the different user, and their role. Along with their BasketId, ProductId, and Quantity.

Let’s bookmark this page because I am sure we will need this page later for the other vulnerabilities.

Going back to the scoring page we see:

The hidden content as a non admin user is now complete (green)!


capture the flag, hacking, owasp, web application security

PicoCTF 2017 – My First SQL

Another day, another challenge.

Today’s blog post we will be solving the challenge, “My First SQL” from the PicoCTF.

Let’s get started.

Going to the challenge we see:


OK… we need to access a website, but we do not have the password. Let’s see what the hints give us.


Clicking the website link we see:


Doing a right click, view page source we see:


We do not see anything useful. We have a form that is looking for a username and password.

Going back to the hints, let’s do a Google search of SQL Injection.

After doing the search we have a link, that specifies how to do a SQL injection to do login bypass.

Let’s do it.

Going back to the website, we see that we have a username and password.

Let’s try using a username of “admin”

and a password of ” ‘ OR ‘1’=’1′ ”


Pressing login we get:


We found the flag, and acquired 50 points!

capture the flag, hacking, web application security

PicoCTF 2017 – What Is Web

Another day, another challenge.

In today’s blog post we are solving the challenge, “What Is Web” from the PicoCTF challenge.

Let’s start!

Clicking on the challenge we see:


OK, so we need to find out how to use HTML.

Looking at the hints we see:

Clicking on the website we see:

PicoCTF_What_Is_Web_3Doing a right click, view source we see:


At the bottom of the screen in the green letters (which are comments that are not displayed in the browser) show that we have the first part of the flag.

Now we need to find the second and third part of the flag.

Looking back at the page source we see two different files that are referenced: hacker.css and script.js

Let’s look at hacker.css first and see what’s there.

Going to that file we see the second part of the flag at the top of the browser:


Now let’s look at the script.js file and see if we can find the final part of the flag…

Going to the script.js file we see:


We now have the three parts of the flag!

Combining the parts together and submitting the flag, we’ve acquired 20 points!