This was a challenge I wrote as a junior in high school for TJCSC's WinterCTF that occured in December, 2023!
It is a 3-stage challenge consisting of:
- Vulnerable SQLite login
- Library of Babel OSINT
- Hundreds of generated anchor links where only one contains the flag (created by
generate.py)
The site is currently hosted on https://sql-injection-game.onrender.com/.
However, you can run locally using the following:
- Seed the database:
python resetdb.py- Start the server:
node index.js
# http://localhost:8080Docker
docker build -t sql-injection-game:local .
docker run --rm -p 8080:8080 sql-injection-game:localEnjoy and happy hacking!