HackTheBox Appointment Writeup

Summary: The Appointment box simulates a web application vulnerable to SQL Injection. Its search function is backed by a SQL database with restricted access levels: regular users see only product data, while admins can reach sensitive user information. Because user input is not handled safely, an attacker can use SQL Injection to bypass these restrictions and read any database table, regardless of their assigned privileges.
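To make the root cause concrete, the following added example (not code from the box or the original writeup) places a string-concatenated login query beside its parameterized form. The user table and credentials are constructed for the demo, and SQLite's `--` comment stands in for the MySQL `#` comment named in task 9.

```python
import sqlite3


def make_db():
    """Constructed in-memory stand-in for the box's backend database (assumption)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 'S3cret!', 'admin')")
    conn.execute("INSERT INTO users VALUES ('alice', 'hunter2', 'user')")
    conn.commit()
    return conn


def login_unsafe(conn, username, password):
    """Vulnerable pattern: input is spliced into the SQL text, so a quote or a
    comment sequence inside the input changes the statement itself.
    (SQLite comments start with '--'; MySQL also accepts '#', as in task 9.)"""
    query = (
        f"SELECT role FROM users WHERE username = '{username}' "
        f"AND password = '{password}'"
    )
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_safe(conn, username, password):
    """Hardened pattern: placeholders keep the input as data; the statement
    structure is fixed before any user-controlled bytes are seen."""
    query = "SELECT role FROM users WHERE username = ? AND password = ?"
    row = conn.execute(query, (username, password)).fetchone()
    return row[0] if row else None


def compare(conn, username, password):
    """Return (unsafe_result, safe_result) for the same input so the two
    behaviours can be contrasted side by side."""
    return login_unsafe(conn, username, password), login_safe(conn, username, password)


if __name__ == "__main__":
    db = make_db()
    # Legitimate credentials behave identically under both implementations.
    print(compare(db, "admin", "S3cret!"))
    # Input that closes the quote and comments out the password check: the
    # concatenated query grants access, the parameterized one does not.
    print(compare(db, "admin'-- ", "anything"))
```

The second comparison is the defender's regression test: the parameterized version returns `None` for the same input that the concatenated version accepts.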

TASK ANSWERS

  1. SQL stands for: Structured Query Language

  2. Common SQL vulnerability: SQL injection

  3. OWASP 2021 classification: A03:2021-Injection

  4. Service/version on port 80 (Nmap): Apache httpd 2.4.38 ((Debian))

  5. Standard HTTPS port: 443

  6. Web folder terminology: directory

  7. HTTP response code for 'Not Found': 404

  8. Gobuster switch for directories: dir

  9. MySQL comment character: #

  10. First word on webpage after SQL Injection login bypass: Congratulations

🏁 Root Flag:

e3d0796d002a446c0e622226f42e9672