that gave me a hard time breathing like 90% of cybers would go for xss and sql injections even in the expression field , most of us tried the to exploit the "id" sqli method
that was... so much easier than I was making it. deleting readonly or hitting up console with a document.getElementById('d').removeAttribute('readonly'); cantrip helps. from there jus try injecty stuff
This challenge is unreasonable. Someone please try implementing the backend of this challenge in PHP. Then he will realize that the challenge is far-fetched.
3 days ago
that gave me a hard time breathing like 90% of cybers would go for xss and sql injections even in the expression field , most of us tried the to exploit the "id" sqli method