
Basic 20


DeafCode's Avatar
root@Alpha.Oddities
0 0

so i got the basic idea to mix j********* and s** so i got

j*********:v***(d*******.c*****="?s**_q****=S***** * F*** * W**** $_w*****='a****'");

what am i doing wrong?? thanks in advance for the help


ghost's Avatar
0 0

pm me with what you have tried


ghost's Avatar
0 0

hi all!

i am stuck too, in basic 20. First i think if i change the content of the cookie to admin, i am done. But when i refresh i have a message, Nice try… blabla… I check the article about the cookie poisoning, and i have a little bit knowledge about the sql injection, but i think i need some hint, or help in pm.

thx hc


DeafCode's Avatar
root@Alpha.Oddities
0 0

pm me if you want. Ferlas helped me get. It's actually one of those "i cant believe i didn't try that" things


fashizzlepop's Avatar
Member
0 0

If that inline JS is remotely correct that is quite the spoiler. I don't know. I haven't tried this challenge yet but I immediately see exactly what the *'s are representing… I think this should be edited.


ghost's Avatar
0 0

fashizzlepop wrote: If that inline JS is remotely correct that is quite the spoiler..

It isn't, feel free to try it out yourself, you'll be having days of fun.


ghost's Avatar
0 0

COM wrote: [quote]fashizzlepop wrote: If that inline JS is remotely correct that is quite the spoiler.. It isn't, feel free to try it out yourself, you'll be having days of fun.[/quote]

It's a good thing my sarcasm detection is better than my sql injection :P


shadowls's Avatar
You Like this!
90 0

bummarketer wrote: [quote]COM wrote: [quote]fashizzlepop wrote: If that inline JS is remotely correct that is quite the spoiler.. It isn't, feel free to try it out yourself, you'll be having days of fun.[/quote]

It's a good thing my sarcasm detection is better than my sql injection :P[/quote]

What does that have to do with anything?


ghost's Avatar
0 0

bummarketer wrote: [quote]COM wrote: [quote]fashizzlepop wrote: If that inline JS is remotely correct that is quite the spoiler.. It isn't, feel free to try it out yourself, you'll be having days of fun.[/quote]

It's a good thing my sarcasm detection is better than my sql injection :P[/quote]

??? what the hell are u saying ???


shadowls's Avatar
You Like this!
90 0

Cyph3rHell wrote: [quote]bummarketer wrote: [quote]COM wrote: [quote]fashizzlepop wrote: If that inline JS is remotely correct that is quite the spoiler.. It isn't, feel free to try it out yourself, you'll be having days of fun.[/quote]

It's a good thing my sarcasm detection is better than my sql injection :P[/quote]

??? what the hell are u saying ???[/quote]

I agree, that was pointless and has no meaning.


ghost's Avatar
0 0

shadowls wrote: [quote]Cyph3rHell wrote: [quote]bummarketer wrote: [quote]COM wrote: [quote]fashizzlepop wrote: If that inline JS is remotely correct that is quite the spoiler.. It isn't, feel free to try it out yourself, you'll be having days of fun.[/quote]

It's a good thing my sarcasm detection is better than my sql injection :P[/quote]

??? what the hell are u saying ???[/quote]

I agree, that was pointless and has no meaning.[/quote]

Isn't pointless the same thing as having no meaning. So what you said was repetitive.


shadowls's Avatar
You Like this!
90 0

There is nothing wrong with that.


ghost's Avatar
0 0

XD. ive been on this challenge now for a good hour or so. looked over everything a few times and i cant get it.

could i pm someone?

and uhh… wasnt that whole conversation about how pointless his comment was. actually moreso pointless itself?


ghost's Avatar
0 0

yes. ive looked over the articles for that many times. but im still stuck putting two and two together


ghost's Avatar
0 0

pm me with what u r trying?


ghost's Avatar
0 0

Dead end here also. I got the "Nice try, but that isn't the answer we were looking for".

I know what things I need to use, but I don't understand how to put the two things needed together. I tried reading the article and tutorials on HBH, different articles via google and all the topics about basic 20. No luck still.

edit. Seems to me that I had a typo somewhere earlier, 'cause I had the right idea already on my head. Thanks for rex_mundi who pushed me to try it again.


ghost's Avatar
0 0

This is my first time posting for help. Yes, I am a bit stuck on this one, too. May I PM someone? Not looking for spoilers here, just a gentle nudge in the right direction. Thanks in advance.

d3x


ghost's Avatar
0 0

PM me with what you are trying.


ghost's Avatar
0 0

pm to harry or me…


ghost's Avatar
0 0

im stuck here too! I have been getting through ok up to now, stuck on a few but after a while would get through them…but this one ive been going at for ages and just cant get it.

i tried the obvious and got the message "nice try we were looking for something else," I have read the article on cookie poisoning, and I know I have to combine the 2 injections, but I cant for the life of me figure out how to put them together… help!?


chess_rock's Avatar
Member
0 0

de_cortes wrote: im stuck here too! I have been getting through ok up to now, stuck on a few but after a while would get through them…but this one ive been going at for ages and just cant get it.

i tried the obvious and got the message "nice try we were looking for something else," I have read the article on cookie poisoning, and I know I have to combine the 2 injections, but I cant for the life of me figure out how to put them together… help!?

you can pm me if you want


ghost's Avatar
0 0

…You did the obvious then checked the cookies apparently, yes? Now you just have to poison the proper cookie with a kind of injection.. It shouldn't be that hard ;).


cubix's Avatar
Member
0 0

Does anyone know of an article on S** with cks? I'm stuck on this one.


yours31f's Avatar
Retired
10 0

You're thinking too deep. Take a break and come back to it.


cubix's Avatar
Member
0 0

Yeah I know I have to do a jvar int with S**, but I've never used S** with ck* before.


cubix's Avatar
Member
0 0

Just passed the mission. I didn't know you could do that with S**

And I'm digging my Point Ranking right now. haha ;)