Dashboard Articles Playground Discussions More
Follow

Am I on the right track with this?

Sandra Murphy

Odin [0din]
3 years ago | edited 3 years ago

0

Ok, so I know how do SQL injection, and after looking up “XPath Injection” and “XML Injection” it looks to be very similar.

I also know that the example provided in the hint is to give us the right element name to use.

So I am using this:

‘1=1 or 'a’=‘a or 'realname=Sandra Murphy’

as well as a bunch of variations, but I still get invalid login errors.

I know that the “real name” needs to go at the end because of the element structure in the XML.

What am I doing wrong?

 

<‘b><'font-size=100pt>WELCOME TO MY MYSPACE!!!1!</'font></'b>

Thread has been resolved, jump to solution
1reply
1voice
314views
Odin [0din]
3 years ago

0

Nevermind, I figured it out. had my arguements jumbled.

 

<‘b><'font-size=100pt>WELCOME TO MY MYSPACE!!!1!</'font></'b>

Discussion thread has been locked. You can no longer add new posts.
1 of 2

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss