I’ve understand what the xpath injection do but , i dont know and dont find where put the code… i want hint , like “somewhere in the source”
@paulau , well buddy ….what you gotta do is to trick the code to think that you logging in was authorised. Now ,if you have understood XPath Injection then you must be knowing that you gotta do it along the lines of Username.One more hint that really helped me for good is that though XPATH Injection is not SQL Injection but the Injection method is more or less same. :)
Wait and listen what the others say to that !!
Its basically all about a malicious entry much similar to what we did in SQLI missions .
Now , in SQLI level 1 , how did you injected it…through what ? Username , password or the code .
Its not that hard…more or less the same….
If you are confused about your injection…..pm me what you are injecting…I’ll try to help you as much as I can !!
SQL injection and XPath injection: they are two kinds of injection, right? The big difference between them is the syntax. Sure, XPath query is not like SQL query. However, the disaster all starts from the same place: a HTML form.
Where did you inject a SQL query? Inject a XPath query exactly like that.
Well did not quite remember this level, but got it. Its a lot like Sql injection with a bit of a trick. Yes as @freewind1012 said just do it as you do Sql injection and put it where you insert the query. ?
- @IAmDevil
Its good to be back! :D
i put
Sandra Murphy' or 1=1 or ‘a’=‘a
as username and pass and i’ve Error with request which is appear :‘(
i really dont get it :(
Ok a hint here. Don’t use Spaces ! And you are close to the answer. Try shifting the name somewhere else
?
Edit: Try inspecting the hint carefully.
- @IAmDevil
Its good to be back! :D
@paulau , my friend….two things….
1 Its XPATH Injection not SQL injection they are just similar but as @freewind1012 said XPATH query is different from SQL query.
2 Sandra Murphy is not the username….its the real name….
Think….what can you do to convince the code or script that you are a legitimate user….
Its similar to sql not same as sql…
Naa you are way out of the league!
You have to make a query which is similar to Sql injection, but a little different. Try seeing some other threads I’m sure you’ll get a lead there! ?
The level is not too hard some examples of Xpath query will give you an idea of what the query should look like!
- @IAmDevil
Its good to be back! :D
@paulau: At least try to show us a proper XPath query. I always have to repeat myself: “You can’t hack anything if you don’t know how it works!”.
10 years ago | edited 10 years ago
0
Hey paulua, freewind1012 is right mate, if you don’t understand what you are doing then how do you expect to pass the level? It is not too hard if you really understand what it is asking of you.
it asks you to input the real name of ‘Sandra Murphy’ not the username so think about it and how it would be worded to pass the level.
Here is a big hint for you and I don’t think this is a spoiler but I’ll put it in there just in case.
you don’t need a password!
Intermediate 6… I remember that I had solved this level by reading a code snippet somewhere. Ah, it’s here.