Extbasic 7

[AADude]

I have the code, I submitted it and it still doesn't work -.-.

I clean up the action and fix the method, but it still won't work...

[TWilli1777]

Instead of everyone complaining about how they know what the answer is, but HTS is just too retarded to accept such advanced code... try to realize that obviously, something DOES work, as other people are getting it. I see so many people talking about all the things they are trying in order to fix the vuln... but the answer is NOT that complicated. Complex is NOT always better. Step back, look at what the mission is asking for, and think of the most simple way to get the right amount of sanitation. (Note: just because you have a favorite method does not mean it is the best method for every situation...) And, as for the bug... that should be easy enough to fix. If it isn't, review the basic missions.

[Kontagious]

Okay... I got it!
God, this was lame, but anyways...

I hope it is not to much of a spoiler - if so, feel free to edit!

Posible spoiler:

There are many ways to sanitize PHP_SELF (assuming you all know this is the vuln) as you might know by now. However, most of the ways will sanitize a lot of "innocent" chars too. We do not want this to happen. Luckily there is an alternative which is very alike, but only sanitizes the most "dangerous" chars like '<', '>' and quotes. This is what we are looking for.

This challenge is definitely a tricky one...this is really the first time I've had to post for help. Though in a somewhat different way...

I totally agree with what the above quotation says, and I also want to quote a site posted in one of the other extbasic 7 threads, http://seancoates.com/xss-woes , because it helped me out immensely. I believe I have the correct idea on how to fix the problem, but implementing my fixes is my problem. I currently have selected one (uno [1]) function that (theoretically) will remove only the most dangerous characters from a selected string, variable, etc. (from [possible spoiler?] http://www.w3schools.com/PHP/php_ref_string.asp). The other bug is, if I'm thinking correctly, an easy one to fix ([possible spoiler?] I just followed the trends in the way data is sent/received in the script). Now when I combine them into a single line to correct the script, I am not rewarded with the ability to move on to the next lvl. I am assuming that the answer must be fairly specific, and I'm asking exactly how specific? Must I watch where I put spaces? Should I only input part of the line of code? Need I worry about my function's parameters? (I have, by the way, tried variations of my solution with and without appropriate parameters and so far it hasn't worked)

If there's anything I'm missing...any light that can be shed on this...it would be greatly appreciated. If need be, pm's work just fine.

*note: I have also employed the use of a semi-colon when trying different variations of my solution, but to no avail.

thank you for your time and patience

[BAzly]

I believe that I have well and truly learned the lesson being taught here... I am 90% sure that the function I am trying to use to sanitize the vulnerability is correct... but it looks like the answer has to be "exact". I've tried including 1-3 arguments in the function, I've tried adding a semi-colon to the end... I've done upper and lower case... something is just not jiving here.

Can someone simply PM me what the "exact" string is" I can send you have I made myself and you can tell me how close it is.

[Kontagious]

I believe that I have well and truly learned the lesson being taught here... I am 90% sure that the function I am trying to use to sanitize the vulnerability is correct... but it looks like the answer has to be "exact".

I think that a larger lession may also be that the complexity of one's target could be for all practical purposes, infinite. There could be many different exact solutions...but to find the right one may take some digging. Passively I think I spent a good 16 hours total research time finding the solution to this problem. No, it's not broken...yes, it's a pain...but the sense of accomplishment (a.k.a. reward) for getting it right is nice keep pluggin' away, and look through some of the other posters' work...it'll definitely help out a bit.

[McAfreak]

I think another reason that only one of the dozens of solutions works is that they're training you for real life. Yes, if there are dozens of solutions, chances are most of them work. I'm not saying this is a literal example, because it isn't. I'm saying that it's a theoretical example. It's very rare that you will do the right thing when trying to break or solve something on the very first try. As a software tester, I know just how many ways there are to approach things, many of which I wouldn't have thought of, but revealed bugs or vulnerabilities nonetheless, while other solutions did not reveal the same things.

Simply put, if you can't be patient with this, you're not gonna be patient with real life, and therefore will fail.

Though I must admit this mission is becoming a pain, but I am doing plenty of research.

I totally agree with what the above quotation says, and I also want to quote a site posted in one of the other extbasic 7 threads, http://seancoates.com/xss-woes , because it helped me out immensely. I believe I have the correct idea on how to fix the problem, but implementing my fixes is my problem. I currently have selected one (uno [1]) function that (theoretically) will remove only the most dangerous characters from a selected string, variable, etc. (from [possible spoiler?] http://www.w3schools.com/PHP/php_ref_string.asp).

These sites are a good place to start.