PicoCTF2018 – Web – The Vault Objective: There is a website running at http://2018shell.picoctf.com:64349 (link [1] ). Try to see if you can login! Solution: Ok this site is nice enough to give us the code for login.php Looking in the code you can see there is an attempt to sanitize inputs using regular expressions It creates a variable named pattern which is a regex used to match against the variables //validation check $pattern ="/.*['\"].*OR.*/i"; $user_match = preg_match($pattern, $username); $password_match = preg_match($pattern, $username); if($user_match + $password_match > 0) { echo "<h1>SQLi detected.</h1>"; } else { $result = $con->query($query); $row = $result->fetchArray(); if ($row) { echo "<h1>Logged in!</h1>"; echo "<p>Your flag is: $FLAG</p>"; } else { echo &quo
@circusmonkey404 on the twitters; DM for contact