puzzled... Go to the Yourself PHP challenge
Global Rank: 1310
Totalscore: 17548
Posts: 5
Thanks: 6
UpVotes: 5
Registered: 10y 242d
Last Seen: 5y 287d
The User is Offline
puzzled...
Jan 14, 2011 - 22:01:33 (9y 288d)
Jan 14, 2011 - 22:01:33 (9y 288d)
So... I think I found how to exploit the script. I actually made a JS alert pop-up
by exploiting it correctly
, but it doesn't seem to be what's needed to solve the challenge.
Any hints there?
Any hints there?
Last edited by Gizmore - Jan 14, 2011 - 22:19:41
Global Rank: 496
Totalscore: 46283
Posts: 200
Thanks: 179
UpVotes: 181
Registered: 9y 315d
The User is Offline
RE: puzzled...
Jan 14, 2011 - 22:18:22 (9y 288d)
Jan 14, 2011 - 22:18:22 (9y 288d)
you're on the right way
Contact only via c3BhY2VAd2VjaGFsbC5uZXQ= or PM...
Windows can be secure... but only if you don't use it
Windows can be secure... but only if you don't use it
Global Rank: 232
Totalscore: 85396
Posts: 1390
Thanks: 1222
UpVotes: 739
Registered: 12y 254d
Last Seen: 1h 12m
The User is Offline
RE: puzzled...
Jan 14, 2011 - 22:18:47 (9y 288d)
Jan 14, 2011 - 22:18:47 (9y 288d)
Minify or pm me your xss.
Edit: Also make sure you inject exactly <script>alert(1);</script>
Edit: Also make sure you inject exactly <script>alert(1);</script>
The geeks shall inherit the properties and methods of object earth.
Last edited by Gizmore - Jan 14, 2011 - 22:23:19
Global Rank: 1310
Totalscore: 17548
Posts: 5
Thanks: 6
UpVotes: 5
Registered: 10y 242d
Last Seen: 5y 287d
The User is Offline
RE: puzzled...
Jan 15, 2011 - 00:38:21 (9y 288d)
Jan 15, 2011 - 00:38:21 (9y 288d)
I forgot the ; after the alert! Now it works 
Redknee, tunelko, silenttrack, qdxy, n0tHappy, TheHiveMind, Z, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0 have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 9673 times.
1 people are watching the thread at the moment.
This thread has been viewed 9673 times.