Recently posted about the soft hyphen in "cool hacks"

thought i'd share one site i know that's vulnerable (because i just tested it)
i went through some of the sites on the link page

I just registered
Elec­trica
with password testtest

but beware there is an \xAD character in there
the username was created with echo -e "Elec\xADtrica"
you could now post messages as "Electrica"
or you could register Cae\xADsum .. and be all devious and/or bloody annoying

Aren't vulnerabilities in fellow challenge sites all the "cool"? Do I get extra karma points for
posting it first on Bright-Shadows?

ps: it's nifty, you'll see that you can copy paste the username from above,
and use it with the password given.

but it won't work if you just type the username (without the softhyphen)

Hmm, I'll have to do something about that!

Cool. Caesum still appears here?

should be fixed now.

Maybe too late

Better late than never .