Real 17

This challenge is not going to be easy, it's a new concept that I discovered whilst doing some PHP coding the other week, I then crafted an exploit out of the code and managed to use it towards dangerous things, this challenge will simulate that as best as it can.

The content was drafted by paranoiahax, the original template was also by him, it was then ported to xhtml by me, and then re-designed by -cL.

For those willing to test this challenge, click here

Let me know: a) What you think. b) Whether you've beaten it. c) If there's any exploits in the challenge [other than the simulated one]. d) Dificulty rating.

Thanks, and good luck, ~system[]

-cL wrote: Awesome design, who made it? XD

Anyways, I kind of beat it… just havent made the correct "string" yet…:right:

Because you saw the code maybe? :p

-cL wrote: Lol, If I wanted to cheat, I could just open the PHP file and find out EXACTLY which string to input, but I didnt.

I g00gled:ninja:

It uses regex ;) So there's alot of allowed strings, not just one exact one.

well just that, the supposed string doesn't work either o_O

root_op wrote: well just that, the supposed string doesn't work either o_O

Woops, didn't put enough "../"s in the include part to include the fusion core functions.

Try now ;)

-cL wrote: Unknown column 'real_17' in 'field list'

damn you system xD

Yes, I need to know how much it should be worth before considering creating a column for it.

Someone, give me a lead to finish this here xD