What does the acronym SQL stand for?
Structured Query Language
What is one of the most common type of SQL vulnerabilities?
SQL injection
What does PII stand for?
personally identifiable information
What does the OWASP Top 10 list name the classification for this vulnerability?
A03:2021-Injection
What service and version are running on port 80 of the target?
Apache httpd 2.4.38 ((Debian))
What is the standard port used for the HTTPS protocol?
443
What is one luck-based method of exploiting login pages?
brute-forcing
What is a folder called in web-application terminology?
web directory
What response code is given for "Not Found" errors?
404
What switch do we use with Gobuster to specify we're looking to discover directories, and not subdomains?
dir
What symbol do we use to comment out parts of the code?
#
Submit root flag
万能密码: admin' or '1' = '1