One challenge at yesterday’s CTF was a seemingly-impossible SQL injection worth 300 points. The point of the challenge was to submit a password to a PHP script that would be hashed with MD5 before being used in a query. At first glance, the challenge looked impossible.
via SQL injection with raw MD5 hashes – cvk | nc -l -p 80. Seemingly impossible to build a password that would after being MD5 hashed return a SQL injection, but nope it is possible even within a reasonable time frame.