#WebSecurity #CTF

Blind GQL injection and optimised binary search - A7 ~ Gee cue elle (misc) Google CTF 2017





Published on Jun 30, 2017

This was considered a hard challenge. After finding and analysing the source code we found a GQL injection. Unfortunately, there is a system in place that will ban you for too many requests. So we use a modified binary search algorithm to finish in time.

gql.py: https://gist.github.com/LiveOverflow/...

-=[ Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
