View Thread

HellBound Hackers | Challenges | Basic

Author

Basic 29

iantharan
Member

Posts: 27
Location: right behind you...
Joined: 14.04.08
Rank: Hacker Level 3

Posted on 01-06-11 21:21

so, i can log in as all three users, but i dont really understand how i'm supposed to find the 'answer'

Author

RE: Basic 29

starofale
Member

Posts: 211
Location: England
Joined: 05.12.07
Rank: God

Posted on 01-06-11 23:36

I suspect you're trying a standard SQL-style injection. I know that there are some injections that only show you part of the database. If you dump the whole database the answer is pretty obvious.

From the HBHBot:

Read up on XPath and how XML works. Also, check the source.

You need to work out what the injection should be specifically for this challenge - you can't use a generic one.

Try a new search engine

Author

RE: Basic 29

iantharan
Member

Posts: 27
Location: right behind you...
Joined: 14.04.08
Rank: Hacker Level 3

Posted on 02-06-11 19:35

I'm trying to put //* into my query to dump everything, still no luck..

Not sure if that was a spoiler <.< if it is, I'll remove it.

Author

RE: Basic 29

iantharan
Member

Posts: 27
Location: right behind you...
Joined: 14.04.08
Rank: Hacker Level 3

Posted on 02-06-11 20:05

Nevermind, I got it

WiFi – Part 3, Aircr...

WiFi – Part 2, Proto...

WiFi – Part 1, Inter...

WiFi – Part 0, Intro...

Info Gathering with ...

Mapping Memory...

Javascript 16 *may c...

Advanced DLL Injecti...

Tweaking Firefox Plu...

An Intoduction to Ga...

Positional Number Sy...

Dream Interpretation...

Freewebhosts and sub...

The Dunning-Kruger E...

Me and my router...

HellBound Hackers | Challenges | Basic

Basic 29

RE: Basic 29

RE: Basic 29

RE: Basic 29