We don't get access to the actual source, just the "view page source" in a browser is all I can find and it's missing the php
It's a vm set up as the web server, that you don't get the log in for, so it runs in the back and just serves
Ryder Adams
>I have inspected the source code and I can't see any php,
You only see the HTML generated by the PHP. The idea is probably for you to enter some malformed input which will cause the PHP to spit out a password or whatever.
Aaron Sanchez
What will wireshark show me if I'm entering the wrong details?
Zachary Reed
Of course its missing the php in this way, go read an introduction to php. Php is a backend language which is never served to the frontend (your view page source thingy)
Alexander White
Type 'or 1 = 1 into both fields
Adrian Morgan
I mean ' or 1=1
Alternatively " or 1=1
Not sure but the whitespace is also key
Josiah Davis
Makes sense. I assumed since I can see the post and gets in firebug that it would be attached to the front end.
I've tried to submit a GET using developer mode to ask for the password and email, that did nothing.
Logan Collins
I don't understand this
Lucas Ward
read a book you lazy cunt
Christopher Parker
What on, exactly? What is it you're trying to get me to do? An sql exploit? Is this a way to retrieve the user name and password via php?
Ian Reed
This
Nolan Taylor
Bump
Nathan Bell
If you don't understand this you're not fit to take the goddamned challenge.
Zachary Murphy
this
Carter Watson
Yeah I can appreciate that. But what am I even supposed to look up to find this out?
Kayden Torres
>I have inspected the source code and I can't see any php
if you pop a line like that you shouldn't even be doing the challenge, every one knows that php source cannot be seen from the browser..
Joseph Price
Intro to CS Intro to webdev
Caleb Wood
The 1 or 1 thing is checking for susceptibility to an sql injection
Brody Myers
Oh ok how does it do that? What is the purpose of feeding it that?
