We covered OverTheWire Natas Level 16 CTF where we went over a blind SQL injection scenario that uses command substitution to bypass character filters. The character filters used preg_match function in PHP to create a blacklist of characters commonly used in SQL Injection. This was part of OverTheWire War Games Natas Level 16

Get OSCP Certificate Notes

Natas Level 16 Password:


Video Walkthrough

About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.

View Articles