Thursday, April 24, 2014 Login · Register
    Login
Username

Password


Remember Me

Not a member yet?
Click here to register.

Forgotten your password?
Request a new one here.

 

    Users Online
  • · Members on IRC: 53   
  • · Total Members: 14,567
  • · Newest Member: jak001
  •  

     

        Related Ads
     

     

     

        Top 10 Forum Posters
    UserPosts
    bluechill1411   
    madf0x1277   
    cruizrisner1057   
    Qwexotic1034   
    Null Set869   
    auditorsec603   
    Override602   
    godofcereal599   
    TurboBorland585   
    Teddy469   
     

        Affiliates




  • iExploit


  • iExploit


  • WeChall





  • Thisislegal.com

  •  

        Related Ads
     

    View Thread
         
    Security Override Hacking Challenges Basic Hacking Challenges
    The Proper Way to solve Basic 4
    Register FAQ Members List Today's Posts Search

    Print Thread
    12-10-2013 05:41 AM The Proper Way to solve Basic 4 | Edited by silverpendulum 12-10-2013 05:45 AM
    Hi!

    The first thing that I did was change the value of the select option to "Admin", which, when submitted, would display to a message saying that I had the right idea, but needed to edit the local script.

    Anyway, I played around, and modified it from POST to GET to show the complete url upon submission. It would return to the login and the source would revert back to POST. I then modified the url, changing it from "uname=Guest" to "uname=Admin"-- ", which is, if I'm correct, already a form of SQL injection (or at least similar to it). With the url set like that, I then proceeded to once more change the option value to "Admin" (since the page refreshed), and I was able to complete the challenge.

    Since it is just categorized as "Basic," what way of breaking in did the problem want to test?
     
    Offline
    12-17-2013 12:12 AM RE: The Proper Way to solve Basic 4
    They want to test:

    1. Editing the page locally
    2. Form input source is not checked for, where it is coming from.
     
    Offline
    Jump to Forum:
    Forum powered by fusionBoard