basic 27 help

I know that the program filter the words: script , javascript…. i used a lot of xss injection to bypass the filter but it doesn;t work… ( thanks for your advise Futility, but i'm still stuck with it!!:@)

maybe i save it to my pc and i change the program ( i don;t now!!!!) any help or hint??:(

maybe using meta-characters inside the script???:(

dovis wrote: maybe using meta-characters inside the script???:(

You're way overthinking it. If that's what you came up after reading my post (before I removed it…I imagine you read it) and mosh's post…damn that's pretty bad. Where the hell did you get meta-characters from chocolate bar? :right:

you have to make it say script, but it removes script… Odd, perhaps you could trick it into saying script somehow with methods mentioned earlier in this post

i just did this in 10 seconds flat. this is basically a logic task haha and the chocolate thingy really gives it away.

**———BIG SPOILER!!!!!!–––––

it takes away script so what would happen if you put a letter befor and after script?

**———BIG SPOILER!!!!!!–––––

it takes away script so what would happen if you put a letter befor and after script?

just have to think. how can you make it say the word "script" by removing the word "script"

If you write the the script tags, "<>" it will not filter it. But if you write the word "script" you can see if filters it. So what you want to do is find some way for scr!!!ipt not get filtered.

moshbat wrote: I'll type you a diagram…

here is your chocolate bar: ABBA Here is your chocolate bar after you've eaten the middle half: AA

Get it yet?

lol nice hint ! got it now ! thx ;)

i'm stuck on this challenge.. i try to use the hint that others give..but still not working.. then..i try to convert script in hexadecimel..but it just display the hex & nothing happen..:(

Ok think about it logically. take 5 minutes away from the computer, then come back and reread these hints, they are actually VERY telling.

Ok, think about what the SCRIPT filter, then think about how to bypass the problem… It's really easy… however, follow yours31f advice! ;)

moshbat wrote: I'll type you a diagram…

here is your chocolate bar: ABBA Here is your chocolate bar after you've eaten the middle half: AA

This is a massive help. I didnt get it at first either but it really is good.

i would agree, the chocolate told all. If you can't figure it out from the previous hints then you need to stop over thinking it.

took me 2 minutes to do dispite my constant typo's and syntax errors

Take a break and try again! ;)

I just got it! Thanks for the hints guys mucho helpful. :D

Glad that u got it! :D

fuser help me to beat this challenge.. i don't think i can't beat this challenge if i think on my own..hehehe.. thank to him..and the others..

actually when i read about the chocolate (hint)..i think that i should cut the word 'script'..make it more short like scrpt or else.. i try many possibilities..but still can't beat it… then..i read some tutorial..show how to make it by convert 'script' into html entities..unfortunately..it's not the right way to beat this challenge…huhu..

although i can't beat this challenge by myself..but i'm glad that i learn something new..:D

Its actually really easy and kinda stupid once you figure it out :p but nice concept. Wonder if that would work on any sites. (besides this one)

skathgh420 wrote: Wonder if that would work on any sites. (besides this one) It does ;)

chocolate bars….good hint!

m stuck i tried everything Sorry Admins I know its a spoiler but i need help.

spoiler removed but it as:- <>alert(1)</> i tried few more things like:- spoiler removed but still output is same:(

well seeing as this thread is 2 years old you would have been better off makng a new thread/pm'ing someone.

also, dont post huge spoilers =.="

you basicly have it… when you type in <script>alert(1)</script>, EXACTLY what is filtered..

think about it.

and remove the spoilers…

Tnx kaden and spoiler removed too

Rofl, finally got this one. I thought it might have been something to do with nested strings but obviously it just doesnt allow you to enter <script> this is a tough one if you think about it too much you will kick yourself when you get the answer. Ill give you one hint for people who still scratch there head. Force it to say script. <sscripts> - See what it does now go from there.

RedDragon wrote: [quote]moshbat wrote: I'll type you a diagram…

here is your chocolate bar: ABBA Here is your chocolate bar after you've eaten the middle half: AA

Get it yet?

After staring at it for 15 minutes it finally clickedthumbs up

Think of it like this: SERVER: "STATE PASSWORD AS PRODUCT OF 42" USER: Answer must be, "8!" USER: *types an, "8" SERVER: I FILTER ALL BUT THE THIRD DIGIT USER: Ah, HA! USER: *types 12833 SERVER: ACCESS GRANTED