March
5th,
2019
First go to : http://web.chal.csaw.io:8080
As we can see this challenge seems to be a LDAP injection.
After some researchs I found this : Link
So I tried with this following command ::
*)(uid=*))(|(uid=*
If you go at the bottom of the page you can see the flag :
Flag:
flag{ld4p_inj3ction_i5_a_th1ng}