https://jacktaylor.tech/tags/nahamcon-2022/Recent content in NahamCon 2022 on Jack TaylorHugoenjack@jacktaylor.tech (Jack Taylor)jack@jacktaylor.tech (Jack Taylor)Sun, 01 May 2022 10:53:18 +0900https://jacktaylor.tech/2022/05/nahamcon-2022-ctf-write-up-flaskmetal-alchemist/Sun, 01 May 2022 10:53:18 +0900jack@jacktaylor.tech (Jack Taylor)https://jacktaylor.tech/2022/05/nahamcon-2022-ctf-write-up-flaskmetal-alchemist/<p>One of the most fun challenges in NahamCon 2022 was Flaskmetal Alchemist. This is a medium web challenge that involves an SQL injection that is relatively easy to spot, but tricky to exploit. I learned a few new things from this, so hopefully this write-up will provide inspiration to all you reading this. In this post I will walk you through my thought process and how I eventually exploited the vulnerability.</p>