import requests url = "http://localhost:8080/challenge5.jsp" flag = "" position = 1
Bingo. We have a boolean-based blind SQL injection. But remember: the "new" challenge filters spaces. If you enter 1 and 1=1 , the server might respond with a 200 OK. But if you enter a more complex payload like 1 UNION SELECT username FROM users , the filter kicks in. How do we bypass space filtering? sql+injection+challenge+5+security+shepherd+new
MySQL (and many underlying DBMS platforms used in Shepherd) is case-insensitive for keywords. import requests url = "http://localhost:8080/challenge5