
Basic Challenge 7


ghost

Hello all, I am stuck on Basic 7. I have gotten the JavaScript code input and refreshed the page, but now I am stuck on the SQL injection. Can I PM someone what I am inputting so I can get some help? Or can I get someone's reply here, please? Thanks ahead of time, ~Mal


ghost

Try some really simple SQL injections first… if after a few tries you still cannot get it, just PM me for help :)


ghost

Also, for future reference, it's always best to revive another topic on the challenge than to create a new one. We will answer as well, but the next person won't have our help fragmented in various topics.


ghost

I'm still stuck on the editing cookie part. I think I have it right, but I don't know. How do I know if it has worked or not? Should it tell me?


ghost

no, you won't see any visible changes…

step1: if (you have the web-developer toolbar (firefox extension)): (Go to the "Cookies" tab) && (select "View Cookie Information"); else: (Get web-developer toolbar) && (goto step1);

:P

Then do your injection and view those cookies again… if you see a change, then it worked :)


ghost

Skunk, I PM'ed you :)


ghost

you did? are you sure?

you might wanna try again, cause I didn't get it :s


ghost

Let's take a look at this challenge together… It says there is a cookie login script, so you surely want to check your cookies… There are two of them, a username and a password, but they are decrypted and you need to encrypt them. So, when you submit, the login page will check your cookies and compare them to some encrypted data. If they are equal, you are authenticated. So now you should understand what to do to pass the first login.

Then you have a second login which checks your input on a SQL database. There are two ways to pass it. You should know the most basic SQL injection (if you don't, google for it); try it. Or you can guess the username; it won't be that hard, you know it.

Hope this helps