| Author |
Basic 23 |
EvaAdorable
Member
Posts: 2
Location: Florida, US
Joined: 28.04.11
Rank: Wiseman |
|
I'm getting the notorious "You are on the right track, you just need to think of how you can exploit this vulnerability" message, and I get that I need the you-know-what to execute a command, but I guess I can't actually figure out how to do that without seeing the actual you-know-what. I've tried using several GET variables to enter it, but the you-know-what I downloaded (the only one I can find) uses POST ones. So I have no idea what to do past this point or what it's asking of me.
If I sound like I have no idea what I'm talking about, I freely admit that I'm a complete and utter noob to this stuff. I hope I didn't say anything incriminating or spoilerish.
~Eve |
|
| Author |
RE: Basic 23 |
starofale
Member
Posts: 211
Location: England
Joined: 05.12.07
Rank: God |
|
I don't know what the "you-know-what" is. Do you know what RFI is?
Try a new search engine |
|
|
| Author |
RE: Yay |
EvaAdorable
Member
Posts: 2
Location: Florida, US
Joined: 28.04.11
Rank: Wiseman |
|
Star helped me. Thanks, sweetie. 
~Eve |
|
|
| Author |
RE: Basic 23 |
espartaniac
Member
Posts: 7
Location:
Joined: 12.07.11
Rank: Active User
Warn Level: 5
|
|
EvaAdorable wrote:
Star helped me. Thanks, sweetie.
i'm stuck also. i understood what you meant by 'you-know-what', but what 'star' helped you?  |
|
|
| Author |
RE: Basic 23 |
kaden
Member
Posts: 30
Location: Australia
Joined: 11.08.06
Rank: God |
|
@guy above^
everything is generally given in the challenge descblockedription. did you look up what RFI meant and how it is used?.. if not, I suggest you google it, which is what you should do before you post anything.
and he was refering to starofale when he said "star"...
no one dies a virgin... life fucks us all.
Edited by kaden on 15-07-11 18:38 |
|
|
| Author |
RE: Basic 23 |
espartaniac
Member
Posts: 7
Location:
Joined: 12.07.11
Rank: Active User
Warn Level: 5
|
|
kaden, yes I have learned some things about it. I've tried linking to a sh*** file, for example. no success... I've tried getting into other folders, no success.
I just don't know what to do with it anymore. Sorry if my ignorance bothers you. I thought this forum was meant to learn/teach. |
|
|
| Author |
RE: Basic 23 |
kaden
Member
Posts: 30
Location: Australia
Joined: 11.08.06
Rank: God |
|
all I am saying is try to add a little bit of detail to your post to show you have tried to do the research yourself, without giving too many spoilers. that way it doesn't appear that you aren't sure what your meant to do.. what you posted in your second post wasn't a complete spoiler, so if you had added that to your post, it would show you have done a little research.
i didn't mean to appear hostile in my reply.
I pm'd you as well.. check your inbox.
no one dies a virgin... life fucks us all.
Edited by kaden on 15-07-11 18:36 |
|
|
| Author |
RE: Basic 23 |
psylocke
Member
Posts: 4
Location:
Joined: 22.09.11
Rank: HBH Guru |
|
|
espartaniac wrote:
I've tried linking to a sh*** file, for example. no success... I've tried getting into other folders, no success.
I get stucked on that point too. I read about RFI, w**s*****, so I decided to use c**.t** as the value of p***. I thought that I'll have trouble with the extension, so I tried add n***, q******* m***, and a******** without no luck. :S
---
Finally I got it ... it was much more easier than I expected. =)
Edited by psylocke on 24-09-11 22:33 |
|
|
Main:
