Follow us on Twitter!
The important thing is not to stop questioning. - Albert Einstein
Sunday, May 29, 2016
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 21
Guests Online: 17
Members Online: 4

Registered Members: 93884
Newest Member: Abdelouadoud
Latest Articles
View Thread

HellBound Hackers | Challenges | Basic

Author

Basic 29


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 01-06-11 21:21
so, i can log in as all three users, but i dont really understand how i'm supposed to find the 'answer'
Author

RE: Basic 29

starofale
Member



Posts: 218
Location: England
Joined: 05.12.07
Rank:
Moderate
Posted on 01-06-11 23:36
I suspect you're trying a standard SQL-style injection. I know that there are some injections that only show you part of the database. If you dump the whole database the answer is pretty obvious.

From the HBHBot:
Read up on XPath and how XML works. Also, check the source.

You need to work out what the injection should be specifically for this challenge - you can't use a generic one.


Try a new search engine
Author

RE: Basic 29


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 02-06-11 19:35
I'm trying to put //* into my query to dump everything, still no luck..

Not sure if that was a spoiler <.< if it is, I'll remove it.
Author

RE: Basic 29


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 02-06-11 20:05
Nevermind, I got it Grin