11 years ago
0
Hi All,
Everyone who has completed this level. Please provide some hints. Thanks in advance.
11 years ago
0
I know that already. What does that have to do with this level.
https://www.owasp.org/index.php/Category:Attack
This is the best help I can provide. Thanks to @verath who send that in IRC :)
EDIT: @tlotr if you read the right part of the mentioned site then you might understand the “\n” thing
11 years ago
0
ColdIV,
Which would be the right part to read in the URL which you have mentioned above.
Hi,
What’s in the provided link relate to the challenge ? Yup, you just got your answer.
The hard part is to find what the server parses as success.
We are FallaGa, We are Resistance, We support peace, We do not initiate, But when you provoke us, behold to suffer our reaction.
how would I find what the server parses as success? just keep guessing or is their another way? I’ve tried Succeeded and successful…
Hi,
I am stuck at this level.
I followed the link provided above and I figured out that I have to use a ‘Log Injection’ (using the \n thing lol).
Now, I put as username this: guest\nUser login succeeded for: admin
and it comes up that my IP is no longer blocked but just that the details are invalid.
It keeps saying ‘Failed Password for from (IP)
Now, I think I put the right thing within the ‘username’ box.
What should I put as password?
In the link provided or on YouTube, I have seen several things (Spoofing Log) but I have never heard anything about password.
Actually, one just needs to enter the correct username but I think I inserted the right code….so what’s the problem ?!
Could you help me, somehow?
I don’t want the answer, of course. I would like to just know whether what I inserted in the username box is correct or not and if I need to type something in the password box.
Thank you,
Francis
11 years ago
0
I think you are giving too much information about this level but there is a little spoiler for you:
You don’t need a password so your username isn’t correct.
@Zoino
The article shared in this thread is enough IMO. You have to find the main part of the log and then play with it.
“People who doesn’t work hard doesn’t have the right to be envious of the people with talent. People fail because they don’t understand the hard work necessary to be successful.”
I have been at this for three or four days now and I am getting nowhere except getting real bad headache. I understand the new line using \n I’ve even tried stuff like: blah' or 1=1 or ‘a’=‘a or anything else I could think of but still no luck. I have read through this 'til I can’t read it much more.
http://saxon.sourceforge.net/saxon6.5.3/expressions.html#StringExpressions
Could someone please help a girl out???
I have tried lots of different usernames with the \n to stop the blocking but I need to give it a rest because I am just going over the same thing time and time again. Will have a bash at the crypt level as I have found what is in the encryption levelt just got to iron out the first section. AAaaarrrghgghhhh right - coffee first! At least I don’t have to go into work today!! ;)
[quote=Trinity]Could someone please help a girl out???[/quote]
Girl… Is that a rare Pokon?
Because you are a girl, I will give you karma for no reason. It will help to boost your brain! B)
If you give me karma, it will surely help you again.
11 years ago
0
This level looks really tough… -_-
A HACKER should see through his DeCeptions ………………………………..
I guess I see through my DeCeptions ………………………………………………..
@francisuk That’s too much of a spoiler I guess.
Maybe this helps you:
The program is “banning” your ip for a period… maybe you try changing quikly your ip…
Human Stupidity , thats why Hackers always win.
? Med Amine Khelifi
Roses are red,
Violets are blue,
AES(level) is bad
And I might be too