Edit: @TarTarX Has won the challenge.

---

Challenge Hosted by @420

I already have the money in my wallet and I'm holding it for whoever is able to dump it first. The prize is $1000 USD in Bitcoin.

The challenge is this:
- There is an SQLi Vulnerability on https://coolproxies.com
- He's known about it for years now, but has never found anyone skilled enough to figure out how to exploit it correctly.

Here is the vulnerable page: https://coolproxies.com/pl/freeproxylist.php?cc='

Also to give you a helping hand, you can bypass Cloudflares WAF which will block 99% of SQLi attacks by attempting to attack the vulnerability from the backend.

Backend: https://192.99.224.79/pl/freeproxylist.php?cc=' (MAKE SURE YOU HAVE THE HEADER "Host: coolproxies.com" set or else it will not show up, example: https://i.breached.co/gt3SIuDsaaFRhJZ4.png)

To prove that you've indeed hacked it, you will need to provide the list of databases, the first 10 user entries, and a working example. First person to get it wins.

Good luck !

This looks fun , ima give it a crack
https://imgur.com/a/zAHxyNH

This bounty is extremely difficult

I may check this out later if nobody has figured it out yet.

Impossible. I believe there are no haxorz on this forum.

I get 403 when i connect to backend

>He's known about it for years now, but has never found anyone skilled enough to figure out how to exploit it correctly.
So why doesnt dude just fix his code

(June 6, 2022, 12:54 AM)Magento Wrote: Impossible. I believe there are no haxorz on this forum.

Proof that you only read the $1000 reward and clicked the link....
READ THE THREAD

Application blocks my payload, but well initial one that can exploit the vulnerability is following one: 

US' and IF(2=2,'true','false') and 55='55

If application would not block the request its possible to write a select query inside the if statement and exfiltrate data.

i think its new way to get database that you want LOL