There is no escape  Go to the No Escape challenge

As this is more or less a training challenge, i'd like to give some general hints:

If you are doing your injections, make sure you don`t end a query with semicolon(;). The php mysql extension does not like that.

There is a trim() for all $_GET and $_POST data. This means any trailing space get`s removed.

In this challenge, the / character is filtered. So you can not use /**/ as mysql comment style. A nice working mysql comment style for this challenge is: ?vote_for= blub%20--%20foo

everything after ' -- ' is treated as comment, but the trailing space is important.

At last, let me give you a specific hint for this challenge: mysql_real_escape_string() might not work for your input!

Also keep in mind: Our exploits are mostly not simulated and "Code you see is code in use"

Good luck!

Is it really possible with an MySQL-Injection? Cant pass trough the mysql_real_escape_string().
My Thougts was to manipulate simply that +1.
%20--%20 the Comment doesnt work or?

%20--%20 Shows an ErrorMessage like this:
MySqlError(1054): Unknown column 'bill -- ' in 'field list' in Query:
UPDATE noescvotes SET `bill -- `=`bill -- `+1 WHERE id=1

But all after the comment should not parsed or?
No matter the comments are only usefull if i can put a ' after my bill or george.

If another hint would break the challenge for others please write me a PM
Thx for so much fun!
And sorry for my bad english iam german.

Look closely again how the query is build
Injecting mysql in this challenge is quite easy.

Thx this was close enough
Great Challenge!

Ive been trying evrything and searched for the mysql_real_escape_string(), but could get to nowhere. Can you please give me another clue ?? Please please .-) I found that the function does not excape some chars, but could find any usefull with them.

Thank you

There is already a very big hint in my previous post ... and you are on a good track ... keep trying!

Gizmore first post helps out the most as i was stuck on commenting the rest of the command

Huh... I kept getting errors until I added the trailing space, and now I get two green boxes (Vote counted for [INJECTION] and All votes have been reset), leading me to believe that I solved it, but it doesn't show up as solved in my challenges, and I am not on the Heroes list.

Check the code. There are two ways to get those messages, only one is the solution.

Hah, I got it. It just didn't like me going overboard and using 999 instead of 111 in my injection.