Register | Login You have no new private messages
TryThis0ne >> Challenges >> Realistic
Toys RC challenge!
Viewers: :
Quick reply
Reply
New Topic
 
Author Message
K32.nix
AVATAR



 Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 78




Send Email Top
Sent on: 12/01/2010, 21:29:50 Reply | Quote | Warn | Edit
Post here hints and doubts about toys rc challenge!
good luck!
Ratinho
AVATAR



 Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 52




Send Email Top
Sent on: 14/01/2010, 15:39:47 Reply | Quote | Warn | Edit
well, i manage to manipulate the site to show Bruce (and his last name) as the provider of the x-hellicopter
what should i do now??
cp77fk4r
Global Admin



AVATAR



 Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621




Send Email Top
Sent on: 14/01/2010, 16:14:07 Reply | Quote | Warn | Edit
you've got bruce's last name? type it in the submit score..

Edit by : cp77fk4r At 14/01/2010, 14:15:26
Ratinho
AVATAR



 Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 52




Send Email Top
Sent on: 14/01/2010, 17:41:30 Reply | Quote | Warn | Edit
oh true, that really makes sense=]
passed, really nice challenge=]
cp77fk4r
Global Admin



AVATAR



 Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621




Send Email Top
Sent on: 15/01/2010, 16:03:39 Reply | Quote | Warn | Edit
:P
dermischa
AVATAR



 Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 2




Send Email Top
Sent on: 19/05/2010, 13:40:06 Reply | Quote | Warn | Edit
Someonaegot a Hint ?
Is this challenge a kind of sql-injection ?

I found some files but still stuck there - no ideas left in my head...
cp77fk4r
Global Admin



AVATAR



 Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621




Send Email Top
Sent on: 20/05/2010, 19:47:18 Reply | Quote | Warn | Edit
it's not a sql injection issue, try to read word by word what the information you have about this level.
prohacker
AVATAR



 Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 10




Send Email Top
Sent on: 29/05/2010, 15:27:19 Reply | Quote | Warn | Edit
cp77fk4r, i am sure i find the hint (I programming only under IIS and Apache and use Edit Plus (by the way : why edit plus put in my site file with no php extension?). )
i tried to find some file with no extension or like that : x.php.txt
but i didn't find ...

can you give another hint ?
cp77fk4r
Global Admin



AVATAR



 Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621




Send Email Top
Sent on: 01/06/2010, 17:23:16 Reply | Quote | Warn | Edit
nope. try to think like real hacker.. how can you find this files?
prohacker
AVATAR



 Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 10




Send Email Top
Sent on: 04/06/2010, 19:47:36 Reply | Quote | Warn | Edit
OK, this level was fixed :P

Edit by : prohacker At 12/09/2010, 20:34:47
Alias
AVATAR



 Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 27




Send Email Top
Sent on: 28/04/2011, 03:48:01 Reply | Quote | Warn | Edit
cp77fk4r:
[tcolor=red]it's not a sql injection issue[bcolor], try to read word by word what the information you have about this level.




Are you sure? Because I found a specific individual case which allows to inject SQL queries..

If it's not that, I guess I found another way to pass this level, but this way is not feasible because it's not taken into account in advance.
All the times are GMT+2, ISRAEL
TryThis0ne >> Challenges >> Realistic
Quick reply
Reply
New Topic


Page generated using: 12 queries
Design by SBD © GeHeNoM.Net | Powered By Tera-Byte Forums 1.5 © JonJon & HLL
ý