# picoCTF 2018 - A Simple Question Writeup

The site linked by the challenge looks like this:

Entering a single quote (`'`) makes the page return this error:

So we know that the page is vulnerable to SQL injection and that the query is `SELECT * FROM answers WHERE answer='<input>'`.

The source code of the page is:

while the code in answer2.php2 is:

So we can reconstruct the correct answer with the `LIKE` operator. This can be done with a small script written in Python:

The result is `41andsixsixths`, but this isn't the correct answer:

By running the script with a different alphabet, we get a different answer, i.e. `41ANDSIXSIXTHS`, which again is incorrect. Let's try with only the leading character of each word in uppercase (`41AndSixSixths`):

It works! We got the flag: picoCTF{qu3stions_ar3_h4rd_73139cd9}.
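The following is an added example, not the challenge's code or the script from this writeup. It shows why the `LIKE`-based reconstruction matched both the lowercase and uppercase strings while the final answer check rejected them, and how binding the input as a parameter closes the injection. The in-memory SQLite database and all function names are assumptions made for illustration; only the table name, column name and answer string come from the text above.

```python
import sqlite3

def make_db():
    # Constructed stand-in for the challenge database (SQLite is an assumption).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE answers (answer TEXT)")
    db.execute("INSERT INTO answers VALUES ('41AndSixSixths')")
    return db

def lookup_vulnerable(db, user_input):
    # Same shape as the query in the error message: the input is pasted into
    # the SQL text, so a quote in it ends the string literal early.
    sql = "SELECT * FROM answers WHERE answer='" + user_input + "'"
    try:
        return db.execute(sql).fetchall()
    except sqlite3.OperationalError as exc:
        return "SQL error: " + str(exc)

def lookup_parameterized(db, user_input):
    # The input is bound as data and cannot change the query structure.
    sql = "SELECT * FROM answers WHERE answer=?"
    return db.execute(sql, (user_input,)).fetchall()

def like_match(db, pattern):
    # LIKE ignores ASCII case in SQLite by default, unlike the = comparison.
    sql = "SELECT count(*) FROM answers WHERE answer LIKE ?"
    return db.execute(sql, (pattern,)).fetchone()[0] > 0

if __name__ == "__main__":
    db = make_db()
    print(lookup_vulnerable(db, "'"))        # the quote breaks the statement
    probe = "' OR answer LIKE '41%"
    print(lookup_vulnerable(db, probe))      # input was interpreted as SQL
    print(lookup_parameterized(db, probe))   # input stayed a plain string
    for guess in ("41andsixsixths", "41ANDSIXSIXTHS", "41AndSixSixths"):
        # LIKE accepts all three spellings; exact equality accepts only one.
        print(guess, like_match(db, guess), lookup_parameterized(db, guess))
```
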