| Author |
Yet another Basic 29 Thread |
ollyb342
Member
Posts: 4
Location:
Joined: 10.10.08
Rank: HBH Guru |
|
Hey folks, first post on the forum!
I've been through all of the 'Basic Web Hacking' challenges (apart from 24.) without too much difficulty, but I'm absolutely stumped on 29.
I've tried what feels like every possible combination of XP**H In*******s I can think of, and no results have been yielded.
I've got the d***g parameter in the URL and the query that it shows me after my In*******s looks like it should be working.
Could anyone PM me some pointers on how to pwn this challenge please?
Thanks in advance. |
|
| Author |
RE: Yet another Basic 29 Thread |
Arabian
Member
Posts: 322
Location: inside you.
Joined: 22.09.10
Rank: God |
|
DOHOHOHOHOHOHohohoho!!!
Search for how to dump table and you'll be on your way to GLORIOUS COMMUNIST FREEDOM!!!
Hare Lambda!
|
|
|
| Author |
RE: Yet another Basic 29 Thread |
ollyb342
Member
Posts: 4
Location:
Joined: 10.10.08
Rank: HBH Guru |
|
Hi again,
I eventually gave up on this one and worked my way through Javascblockedript, Realistic and Pen-Test instead.
Now I thought I'd return to this now I have my feet wet a little bit, and still have no clue why my inj***** XP*** is not returning the answer..
Any chance that I could PM someone to take a look at the XP*** I've been trying? |
|
|
| Author |
RE: Yet another Basic 29 Thread |
Beat_Slayer
Member
Posts: 9
Location: In front of the computer
Joined: 15.01.12
Rank: God |
|
Anyone can lead me to some info on this one.
I'm getting the quotes escaped, and I just can't bypass it, I don't want answers, only some paper so I can learn something to help me with this xpath injection.
Cheers
 |
|
|
| Author |
RE: Yet another Basic 29 Thread |
Arabian
Member
Posts: 322
Location: inside you.
Joined: 22.09.10
Rank: God |
|
for the basics.
-> for what gets you to the answer
OWASP is nice, too.
Hare Lambda!
Edited by Arabian on 07-02-12 15:45 |
|
|
| Author |
RE: Yet another Basic 29 Thread |
dopeboimag1k
Member
Posts: 30
Location: the Internet
Joined: 01.05.11
Rank: God |
|
@Arabian is having the addslashes being imposed upon the query supposed to be a part of the challenge? I can't figure out how to get around it.
"Everybody wants greatness but nobody wants to work for it."
"If it was easy, everybody would do it." |
|
|
| Author |
RE: Yet another Basic 29 Thread |
Arabian
Member
Posts: 322
Location: inside you.
Joined: 22.09.10
Rank: God |
|
No it's not, and yes it's fucking up the challenge.
Hare Lambda!
|
|
|
Main:
