Elevator
EasyDigital Forensics
Overview
Our application has been found to be vulnerable to SQL injection, and as a result, a user was able to escalate their privileges and gain admin access. We need to identify this user, determine when they registered on the system, and find out when they became an admin.
Flag Format FLAG{username|time_to_be_admin|time_registered}.
Note: Time should be in the format YYYY-MM-DD-hh-mm-ss
Lab Details
Prerequisites & Requirements
- Basic understanding of SQL and database queries (INSERT, UPDATE).
- Familiarity with log file formats and command-line tools (e.g., cat, grep).
- Knowledge of SQL injection concepts and exploitation.
What will you learn?
- How to analyze MySQL logs to detect suspicious queries.
- Techniques to identify privilege escalation via SQL injection.
- Extracting relevant timestamps to track user registration and privilege changes.
- Using regex and command-line tools to filter and correlate log data.
Tools
- Linux
Job Positions
Security Analyst
Tags
Web ForensicsDatabase ForensicsSql LogsTimeline AnalysisOs Artifacts