i know d line where the bug is. is d function v hv 2 use is html_en**ty_de****() ?
if its a spoiler, sorry. im clueless.
Extended Basic 7
Re: Extended Basic 7
by goluhaque on Wed Jan 27, 2010 1:48 am
([msg=33968]see Re: Extended Basic 7[/msg])
(23:45:03) hauk: I guess you are over the best part of your life when 4-year-olds say "Are you an evil man?"
(23:46:19) hauk: and "Ima punch you in the pecker"
(23:46:19) hauk: and "Ima punch you in the pecker"
-
goluhaque - Poster
- Posts: 153
- Joined: Mon Apr 13, 2009 12:08 am
- Location: India
- Blog: View Blog (0)
Re: Extended Basic 7
by eljonto on Wed Jan 27, 2010 5:26 pm
([msg=33998]see Re: Extended Basic 7[/msg])
goluhaque wrote:i know d line where the bug is. is d function v hv 2 use is html_en**ty_de****() ?
No
-Quis custodiet ipsos custodes?, Juvenal
_________________________________________________________________
_________________________________________________________________
-
eljonto - Poster
- Posts: 375
- Joined: Thu Apr 17, 2008 1:16 am
- Location: Australia
- Blog: View Blog (0)
Re: Extended Basic 7
by Bv202 on Mon Mar 08, 2010 8:24 am
([msg=36305]see Re: Extended Basic 7[/msg])
This ******.
I know exactly what the bug and vuln is. I also know how to fix it, but it just doesn't accept my answer.
Can't I just PM someone with my answer so you could give me a hint what's wrong? I can't post what I'm doing without spoiling everything.
I know exactly what the bug and vuln is. I also know how to fix it, but it just doesn't accept my answer.
Can't I just PM someone with my answer so you could give me a hint what's wrong? I can't post what I'm doing without spoiling everything.
- Bv202
- New User
- Posts: 6
- Joined: Sat Sep 13, 2008 11:08 am
- Blog: View Blog (0)
Re: Extended Basic 7
by nermd on Mon Mar 08, 2010 9:42 am
([msg=36310]see Re: Extended Basic 7[/msg])
you can send me a pm ...
With this world there is no understanding, we belong their only to the extent, as we rebel against it (Theodor W. Adorno) --> if somebody knows a "official" translation for the well known german quote ... pls let me know!
-
nermd - New User
- Posts: 42
- Joined: Fri May 23, 2008 3:22 am
- Blog: View Blog (0)
Re: Extended Basic 7
by Bv202 on Mon Mar 08, 2010 2:24 pm
([msg=36319]see Re: Extended Basic 7[/msg])
I'll do, thanks 
- Bv202
- New User
- Posts: 6
- Joined: Sat Sep 13, 2008 11:08 am
- Blog: View Blog (0)
Re: Extended Basic 7
by tremor77 on Fri Apr 02, 2010 12:35 am
([msg=37602]see Re: Extended Basic 7[/msg])
I saw the problems in the code as soon as I opened the page...
that being said, took a little over 3 hours to get the 'right' fix as you have it.... should consider editing the mission answer check for the other possible answers that IMHO are also very much correct...
sorry if this has been said a billion times but I just needed to vent that.
that being said, took a little over 3 hours to get the 'right' fix as you have it.... should consider editing the mission answer check for the other possible answers that IMHO are also very much correct...
sorry if this has been said a billion times but I just needed to vent that.
-
tremor77 - Moderator
- Posts: 780
- Joined: Wed Mar 31, 2010 12:00 pm
- Location: New York
- Blog: View Blog (0)
Re: Extended Basic 7
by trandoanhung1991 on Thu May 27, 2010 9:19 pm
([msg=39176]see Re: Extended Basic 7[/msg])
Ok, so I changed the method, and used htmls***********_d*c*** with ENT_QUOTES. What else do I need? Sorry if I sound rude but this one's getting on my nerves 
- trandoanhung1991
- New User
- Posts: 5
- Joined: Sat Jun 06, 2009 7:39 am
- Blog: View Blog (0)
Re: Extended Basic 7
by st0w on Mon Jun 21, 2010 8:25 am
([msg=40538]see Re: Extended Basic 7[/msg])
trandoanhung1991 wrote:Ok, so I changed the method, and used htmls***********_d*c*** with ENT_QUOTES. What else do I need? Sorry if I sound rude but this one's getting on my nerves
That's not the right function to use. Think about what the function you're talking about would do. Think about what type of attack you're trying to prevent. Are the answers to those questions the same, or are they mutually exclusive?
As has already been said multiple times - there are several perfectly valid ways to prevent exploitation of the presented vuln. And the code should really allow any of the various alternatives... But currently, it does not. Which can be helpful on the one hand, because it forces you to think about all the different ways you can accomplish the task. Unless, of course, your first guess is the right one.
- st0w
- New User
- Posts: 3
- Joined: Sat Jun 19, 2010 7:04 pm
- Blog: View Blog (0)
Re: Extended Basic 7
by kaoS555 on Thu Jul 22, 2010 11:37 pm
([msg=42542]see Re: Extended Basic 7[/msg])
OMG this one took me forever to figure out, but I just got it after visiting a few of the links provided in this thread. It is all in how you sanitize to prevent the XSS vuln, I feel so special now. 
- kaoS555
- New User
- Posts: 13
- Joined: Sat Jul 17, 2010 6:34 pm
- Blog: View Blog (0)
Re: Extended Basic 7
by Mr Fredward on Wed Aug 18, 2010 12:32 pm
([msg=43893]see Re: Extended Basic 7[/msg])
I cheated and looked up the answer after 2 hours of trying to guess what kind of sanitization the knuckle head who wrote this challenge liked best. Since the challenge is about identifying the vulnerability, not wasting your life guessing sanitization, I don't think its a spoiler to say don't waste time with php sanitization functions like I did, and instead look at string functions meant to encode special chars, particularly chars that are special in html. *wink wink nudge nudge*
http://www.php.net/manual/en/ref.strings.php
All you need to do is sanitize and fix a simple bug, don't overthink it and change the way it gets the dangerous string entirely.
http://www.php.net/manual/en/ref.strings.php
All you need to do is sanitize and fix a simple bug, don't overthink it and change the way it gets the dangerous string entirely.
- Mr Fredward
- New User
- Posts: 1
- Joined: Wed Aug 18, 2010 12:10 pm
- Blog: View Blog (0)
Who is online
Users browsing this forum: No registered users and 0 guests