Right so my school IT admin have challenged me to hack the school website! I've a found search area and some open ports the open ports are Mysql and FTP.
I think my best bet is XSS i know that the site is running joomla and apche 2.2.3 and that's about it!
Right keep in mind i am very new to XSS but this is as much as i can get out of it.
What ever we put in the Search bar is also in the url as in search/node/Whatyoutype
How ever brackets () and signal quotes ' are changed to %27 and %29 i've inspected the html and found this.
<input type="submit" id="edit-submit" name="op" value="Search" class="form-submit">
Not sure if that's any help but that's as far as my knowledge on xss will take me any ideas !?