Bypassing SQL Filters Using Command Substitution

We covered OverTheWire Natas Level 16 CTF where we went over a blind SQL injection scenario that uses command substitution to bypass character filters. The character filters used preg_match function in PHP to create a blacklist of characters commonly used in SQL Injection. This was part of OverTheWire War Games Natas Level 16

Get OSCP Certificate Notes

Natas Level 16 Password:

TRD7iZrd5gATjj9OkPEuaOlfEjHqj32V

Video Walkthrough

CTF Writeups, OverTheWire CTF, OverTheWire Natas Level 16, OWASP, sql inection

Show Comments

MasterMind Study Notes

About the Author

Mastermind Study Notes is a group of talented authors and writers who are experienced and well-versed across different fields. The group is led by, Motasem Hamdan, who is a Cybersecurity content creator and YouTuber.

View Articles

Bypassing SQL Filters Using Command Substitution | OverTheWire Natas Level 16

Leave a Reply Cancel reply

MasterMind Study Notes

About the Author

Press ESC to close

Bypassing SQL Filters Using Command Substitution | OverTheWire Natas Level 16

Leave a Reply Cancel reply

MasterMind Study Notes

About the Author

Share Article:

You might also like

OffSec Proving Grounds: Crane Walkthrough | OSCP Prep

HackTheBox Spookypass Challenge Writeup

HackTheBox Permx Writeup