Logging in but as James Roberts

Sandra Murphy

BitSec01
9 years ago

0

So I have read something about XPath and I tried to do some injections like:

username: admin' or name(realname)='Sandra Murphy
password: admin' or '1'='1

username: admin' or id(realname)='Sandra Murphy
password: admin' or '1'='1

I don’t really know what to do except trying to find out what the username of Sandra Murphy is, but after reading multiple posts and reading the Wikipedia page on XPath and some other pages I found on the forum I still don’t know what to do…

9 replies
5 voices
245 views

0

Check this thread to see the full implementation of Intermediate Level 6.

You should include your injection into the code to see if it works.

BitSec01
9 years ago

0

Thank you, I have read the post and I finally got it! After 65 tries xD

tl0tr
9 years ago

0

This level was really something.

ninjalizard
9 years ago

0

Can anyone offer a brief explanation as to why this injection logged in as James Roberts? Is that the name of the admin? I’m confused… 235 attempts so far lol

ninjalizard
9 years ago

0

My guess is that admin is a user then “or name(realname)=‘Sandra Murphy” is a true statement??

dloser
9 years ago

0

Try to understand what you are injecting into and how XPath deals with that. The thread @freewind1012 referred to can help you.

(And yes, James Roberts is admin.)

ninjalizard
9 years ago | edited 9 years ago

0

Thanks for that, I’ve literally read every single thread on here, watched YouTube videos, read articles on various sites and I’m really just not getting it. I’m OK with SQL injection and obviously a lot of people say this is very similar but I can’t seem to link the two. >> ‘or 1=1 or realname/text()='Sandra Murphy is what I last injected and I genuinely have no idea if I’m on the right lines, as many of the posts in this forum contradict each other, with some saying you only use 1=1 if you don’t know something and others saying the injection starts with ’ or 1=1… very confusing to me for some reason.

dloser
9 years ago

0

Don’t rely too much on what others say. As you have noticed, not everyone knows what they are talking about. ;)

Try setting up something for yourself to play with XPath. Get a feeling for it. I just googled ‘xpath online’ and got http://www.xpathtester.com/xpath which seems to work (although I did have to paste the whole XML back in every time).
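An added example (not part of the original thread and not the challenge's own code) of the kind of local setup suggested above: it shows why the first attempt quoted in the opening post matches every user, so a handler that takes the first match ends up with the first user in the document, and how binding the inputs as XPath variables prevents that. The query shape, the usernames, the passwords and the two-user document are constructed assumptions, and it uses the third-party lxml library.

```python
from lxml import etree

# Constructed sample document (not the challenge's real data). The first
# <user> is the administrator, matching the thread's remark about James Roberts.
USERS = etree.fromstring(
    "<users>"
    "<user><username>jroberts</username><password>pw-one</password>"
    "<realname>James Roberts</realname></user>"
    "<user><username>smurphy</username><password>pw-two</password>"
    "<realname>Sandra Murphy</realname></user>"
    "</users>"
)


def login_concat(username, password):
    """Vulnerable form (assumed query shape): input is pasted into the XPath text."""
    query = "/users/user[username='%s' and password='%s']" % (username, password)
    return [u.findtext("realname") for u in USERS.xpath(query)]


def login_bound(username, password):
    """Hardened form: values are bound as XPath variables, never parsed as XPath."""
    query = "/users/user[username=$u and password=$p]"
    return [u.findtext("realname") for u in USERS.xpath(query, u=username, p=password)]


def session_user(matches):
    """Mimics a handler that logs in the first match; requiring exactly one is safer."""
    return matches[0] if matches else None


# The first attempt quoted in the opening post.
ATTEMPT = ("admin' or name(realname)='Sandra Murphy", "admin' or '1'='1")

if __name__ == "__main__":
    # 'and' binds tighter than 'or', so the concatenated predicate parses as
    #   username='admin'
    #   or (name(realname)='Sandra Murphy' and password='admin')
    #   or '1'='1'
    # and the trailing '1'='1' makes it true for every <user> node.
    print(login_concat(*ATTEMPT))                # every user matches
    print(session_user(login_concat(*ATTEMPT)))  # first node in document order
    print(login_bound(*ATTEMPT))                 # no match: quotes are plain data
```
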

ninjalizard
9 years ago

0

Brilliant link, thanks a lot for that. I think my biggest mistake has been reading too much of what others have said. I’ll have a play about on that site, thanks again!
