SignupHide Sidebar
Username: 
Password: 
Restrict session to IP 
Statistics
50 Sites
163 Challs
8396 Posts
61890 Users
33 donations
50 Active Sites
World of Wargame
WeChall
Rankk
Electrica
NewbieContest
LOST-Chall
Yashira
BrainQuest
Net-Force
HackThisSite
ThisisLegal.com
elhacker.net
TryThis0ne
TDHack
+Ma's Reversing
Hacker.org
HackBBS
Root-Me
SPOJ
Revolution Elite
W3Challs
Gekkó
Webhacking.kr
µContest
Valhalla
Reversing.Kr
SuNiNaTaS
Yoire
Hacking-Challenges
OverTheWire.org
RedTigers Hackit
Tasteless
Defend the Web
Mod-X
Omega Project
ae27ff
pwnable.kr
RingZer0 Team Online CTF
Hacker Gateway
pwnable.tw
Hack The Box
try to decrypt
MysteryTwister
LordofSQLi
Énigmes À Thématiques
247CTF
CryptoHack
PyDéfis
PromptRiddle
PWN.TN
Top 10 Players
dloser
benito255
Caesum
jusb3
tehron
phoenix1204
thefinder
lordOric
Akorlith
yachoor
Last 20 Activities
Fadi_hamwi
badend
acaoo_0
greybread141
greybread141
nidayecoming
apar2021
polarified
tripleedged
GOTTSA--DE
Th3Rud3Guy
LPacheco71
Scud2oo4
Scud2oo4
SeregaRdz
MrBlueSky
blackloser
sxq123
viktus
viktus
Online within 1d
39 Users
Scud2oo4
SeregaRdz
sisyang
noother
Fadi_hamwi
faust
mingxuan
d3m0nc0d3r95
badend
KelenHappy
THEGAME008
atom9cn
nidayecoming
greybread141
acaoo_0
apar2021
qweqweqw123
New_LucA
srompelius
zarathustra
more
WeChall->Challenges->Challenge: Yourself PHP

puzzled...  Go to the Yourself PHP challenge

Global Rank: 1359
Totalscore: 17553
Posts: 5
Thanks: 6
UpVotes: 5
Registered: 12y 210d


Last Seen: 7y 255d
The User is Offline
puzzled...
Jan 14, 2011 - 22:01:33 (11y 256d) Google/translate1Thank You!1Good Post!1Bad Post! link
So... I think I found how to exploit the script. I actually made a JS alert pop-up
by exploiting it correctly
, but it doesn't seem to be what's needed to solve the challenge.

Any hints there?
Last edited by gizmore - Jan 14, 2011 - 22:19:41
Global Rank: 510
Totalscore: 46424
Posts: 217
Thanks: 198
UpVotes: 202
Registered: 11y 283d
space`s Avatar
The User is Offline
1
RE: puzzled...
Jan 14, 2011 - 22:18:22 (11y 256d) Google/translate1Thank You!1Good Post!0Bad Post! link
you're on the right way
Contact only via c3BhY2VAd2VjaGFsbC5uZXQ= or PM...
Windows can be secure... but only if you don't use it Happy
Global Rank: 239
Totalscore: 86353
Posts: 1505
Thanks: 1278
UpVotes: 803
Registered: 14y 222d




Last Seen: 11h 16m
The User is Offline
Send EMail to gizmore
RE: puzzled...
Jan 14, 2011 - 22:18:47 (11y 256d) Google/translate1Thank You!1Good Post!0Bad Post! link
Minify or pm me your xss.

Edit: Also make sure you inject exactly <script>alert(1);</script>
The geeks shall inherit the properties and methods of object earth.
Last edited by gizmore - Jan 14, 2011 - 22:23:19
Global Rank: 1359
Totalscore: 17553
Posts: 5
Thanks: 6
UpVotes: 5
Registered: 12y 210d


Last Seen: 7y 255d
The User is Offline
RE: puzzled...
Jan 15, 2011 - 00:38:21 (11y 256d) Google/translate2Thank You!1Good Post!1Bad Post! link
I forgot the ; after the alert! Now it works Smile
Redknee, tunelko, silenttrack, n0tHappy, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0 have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 10759 times.