Untitled

a guest
Sep 15th, 2019
A buffer overflow vulnerability exists when a program requests input of any length from the user without checks: the user can overrun the allocated memory space and flow into other parts of memory. Usually this results in a crash, but it can also allow the user to gain access to other parts of memory and run malicious code.

1.1
In this exploit we overwrite the dedicated input memory up until the specific part of memory we're looking to change, and add our own value, making the program pass the variable check.

1.2
In this exploit we are able to, using the same method as last time, overwrite the return address with the address of the do_system function, granting us access to the flag.


SQL injection is a way of injecting malicious code into a user database, granting the user access to data they are not supposed to have. It's done by confusing the SQL interpreter into granting incorrect privileges by warping the structure of a pre-made SQL statement.

2.1
Since there is no check for special characters, we close the user-input (string) part of the SQL statement and overwrite the rest of the statement, granting us admin access.
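
The flaw described in 2.1, shown as an added example that is not part of the original paste: a login query built by string concatenation beside the same query with bound parameters. The table layout, function names and sample inputs are assumptions constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory database with constructed sample rows (not from the paste)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT PRIMARY KEY, password TEXT, is_admin INTEGER)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        # Plain-text passwords only to keep the example short.
        [("admin", "s3cret-admin", 1), ("alice", "alice-pw", 0)],
    )
    return conn

def login_concat(conn, name, password):
    """Vulnerable: user input is pasted into the statement text, so a quote
    in the input ends the string literal and the rest is parsed as SQL."""
    sql = ("SELECT name, is_admin FROM users "
           "WHERE name = '" + name + "' AND password = '" + password + "'")
    return conn.execute(sql).fetchone()

def login_param(conn, name, password):
    """Hardened: placeholders send the values separately from the statement,
    so the input is only ever compared as data."""
    sql = "SELECT name, is_admin FROM users WHERE name = ? AND password = ?"
    return conn.execute(sql, (name, password)).fetchone()

def compare(name, password):
    """Run the same input through both versions and return both results."""
    conn = make_db()
    try:
        return login_concat(conn, name, password), login_param(conn, name, password)
    finally:
        conn.close()

if __name__ == "__main__":
    # Constructed inputs: a normal login, a wrong password, and a name that
    # closes the string literal and comments out the password check.
    for name, pw in [("alice", "alice-pw"), ("alice", "wrong"), ("admin' --", "x")]:
        print(repr(name), compare(name, pw))
```

With the third input the concatenated query returns the admin row without a valid password, while the parameterized query returns no row because no user has that literal name.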

2.2
By querying the server with an SQL statement, we can deduce information based on the time it takes for the server to respond. In this case we can query the database name from the server by checking each letter in a timed loop.