
basic 9


ghost's Avatar
0 0

Lads, I have been searching around for info on how to pass this mission. So far I have %00, then I read in another post to go with something totally different. Now I appreciate everyone's input, but can someone point me in the right direction?


ghost's Avatar
0 0

I don't remember this mission too well, but I think it was simple: put %00 on the end of something in the box and submit.


ghost's Avatar
0 0

That's called a null byte attack.

\0 or %00 are appended to the end of a file, in order to try to make the server display the source code of the non-parsed, in this case, PHP code.
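
An added example (not part of the original post) showing how a defender can spot the `%00` requests described above in web server logs: it percent-decodes each query parameter, including double-encoded values, and flags any that contain a NUL byte. The log lines, paths and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample access-log lines (illustrative, not from a real server).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2024:10:00:00 +0000] "GET /index.php?page=about HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "GET /index.php?page=about.php%00 HTTP/1.1" 200 2048',
    '203.0.113.9 - - [01/Jan/2024:10:00:09 +0000] "GET /index.php?page=about.php%2500.txt HTTP/1.1" 200 2048',
    '203.0.113.7 - - [01/Jan/2024:10:00:12 +0000] "GET /search.php?q=100%25+free HTTP/1.1" 200 900',
]

REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%2500) is caught too."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def find_null_byte_params(line):
    """Return (name, decoded_value) for each query parameter containing NUL."""
    match = REQUEST_RE.search(line)
    if not match:
        return []
    query = urlsplit(match.group(1)).query
    hits = []
    # parse_qsl performs the first round of percent-decoding itself.
    for name, value in parse_qsl(query, keep_blank_values=True):
        value = fully_decode(value)
        if "\x00" in name or "\x00" in value:
            hits.append((name, value))
    return hits

def scan(lines):
    """Return (line_number, hits) for every log line with a NUL-bearing parameter."""
    results = []
    for number, line in enumerate(lines, start=1):
        hits = find_null_byte_params(line)
        if hits:
            results.append((number, hits))
    return results

if __name__ == "__main__":
    for number, hits in scan(SAMPLE_LOG):
        print(number, [(n, v.replace("\x00", "\\x00")) for n, v in hits])
```

The same decoded-NUL check can be applied at the application boundary to reject a request before the value is ever used as a file name.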


ghost's Avatar
0 0

This one is tricky


ghost's Avatar
0 0

I think this is down,

'cause I asked a guy who already did it and showed him what I was injecting, and he said that it was right, so he thinks it's down as well.

EDIT

nvm


ghost's Avatar
0 0

I dunno about it being down, as I passed the mission, and I would like to thank those who helped me. When you get the username, be precise with the punctuation.

peace


ghost's Avatar
0 0

I need help too, I'm lost =/

So I figured I have to use a poison null byte attack, but I don't know how. I've been looking all over Google and so far I understand that I have to enter something into one of the boxes (I know which one) and end it with /0.

Problem is, I don't know what to type in. :S I've been looking in the source and all I found was this: "($_GET[sql_query] == "SELECT * FROM family_db")". Is this relevant? I mean the family_db part.

PS: may the answer be here somewhere; http://insecure.org/news/P55-07.txt -

Thanks for all the help!


mido's Avatar
Member
0 0

I think there are some different files.


ghost's Avatar
0 0

What do you mean! Explain!


Ayr4's Avatar
Member
0 0

If anyone needs help, PM me… :ninja:


mido's Avatar
Member
0 0

Notice the URL carefully… ;)


ghost's Avatar
0 0

On which page!?


richohealey's Avatar
Python Ninja
0 0

WTF? Why are there 2 active threads on this???

COLLABORATE!


ghost's Avatar
0 0

I'm sooo confused. I've gotten in and I have the right pass and user name but it won't work!!! If anyone has already completed this, PM me and I'll tell you the pass and name, and if it's right I'll know it's down. PLZ PLZ PLZ. Anyone? :angry:


flame_1221's Avatar
nobody
0 0

I had got the null byte part, then there is a message saying: "Good Job You doing good! Continue to 2nd part". When I click the link, what I get is a blank page. Is this challenge down?


ghost's Avatar
0 0

Yeah, it's down. I was going through a load of challenges checking them and reported them.


ghost's Avatar
0 0

Yeah, it seems like it, just try it again later.