Saturday, October 25, 2014 Login · Register
    Login
Username

Password


Remember Me

Not a member yet?
Click here to register.

Forgotten your password?
Request a new one here.

 

    Users Online
  • · Members on IRC: 29   
  • · Total Members: 16,751
  • · Newest Member: imylfs
  •  

     

        Related Ads
     

     

     

        Top 10 Forum Posters
    UserPosts
    bluechill1411   
    madf0x1291   
    cruizrisner1062   
    Qwexotic1034   
    Null Set870   
    Override604   
    auditorsec603   
    godofcereal599   
    TurboBorland585   
    Teddy477   
     

        Affiliates




  • iExploit


  • iExploit


  • WeChall





  • Thisislegal.com

  •  

        Related Ads
     

    View Thread
         
    Security Override Hacking Challenges Basic Hacking Challenges
    The Proper Way to solve Basic 4
    Register FAQ Members List Today's Posts Search

    Print Thread
    12-10-2013 05:41 AM The Proper Way to solve Basic 4 | Edited by silverpendulum 12-10-2013 05:45 AM
    Hi!

    The first thing that I did was change the value of the select option to "Admin", which, when submitted, would display to a message saying that I had the right idea, but needed to edit the local script.

    Anyway, I played around, and modified it from POST to GET to show the complete url upon submission. It would return to the login and the source would revert back to POST. I then modified the url, changing it from "uname=Guest" to "uname=Admin"-- ", which is, if I'm correct, already a form of SQL injection (or at least similar to it). With the url set like that, I then proceeded to once more change the option value to "Admin" (since the page refreshed), and I was able to complete the challenge.

    Since it is just categorized as "Basic," what way of breaking in did the problem want to test?
     
    Offline
    12-17-2013 12:12 AM RE: The Proper Way to solve Basic 4
    They want to test:

    1. Editing the page locally
    2. Form input source is not checked for, where it is coming from.
     
    Offline
    05-18-2014 07:37 PM RE: The Proper Way to solve Basic 4
    My question is...

    How do you get your address bar to display all that hidden information?
     
    Offline
    05-29-2014 02:39 AM RE: The Proper Way to solve Basic 4
    You need ScrapBook (Mozilla Add-On)... I know how to solve it, but it doesn't work ^^
     
    Offline
    06-17-2014 10:23 AM RE: The Proper Way to solve Basic 4 | Edited by thepriest 06-17-2014 10:23 AM
    Doesn't work for me, tried 2 solutions,

    it worked for 2 friends though (same way), this must be bugged
     
    Offline
    06-17-2014 10:41 AM RE: The Proper Way to solve Basic 4
    It's not bugged.

    Remember the mission doesn't just want you to log in as admin. It also wants the request to come from your local server and NOT securityoverride.org. Of course, you need not save the form locally if you know how the mission is testing that and how to bypass that.
     
    Offline
    06-17-2014 10:45 AM RE: The Proper Way to solve Basic 4
    Abhinav2107 wrote:
    It's not bugged.

    Remember the mission doesn't just want you to log in as admin. It also wants the request to come from your local server and NOT securityoverride.org. Of course, you need not save the form locally if you know how the mission is testing that and how to bypass that.

    we are 4 friends, each on a different PC, each trying the same way, 2 passed, and 2 failed :/,

    we did the exact same thing :/
     
    Offline
    06-17-2014 12:01 PM RE: The Proper Way to solve Basic 4
    I know passing this challenge was rather frustrating for me. All the hints and posts I read only told me what I already knew: save and execute locally. I found what I needed to do, and, even though I did figure it out, it wasn't correct. One of the hints given was that you need to send the form to the correct location. I did and still nothing. Then I saw what was wrong and felt like an idiot.

    Remember to be specific. You don't need any special program, just study the HTML, determine what to do, and be specific.
     
    Offline
    06-18-2014 05:21 AM RE: The Proper Way to solve Basic 4
    Sweetonionct wrote:
    I know passing this challenge was rather frustrating for me. All the hints and posts I read only told me what I already knew: save and execute locally. I found what I needed to do, and, even though I did figure it out, it wasn't correct. One of the hints given was that you need to send the form to the correct location. I did and still nothing. Then I saw what was wrong and felt like an idiot.

    Remember to be specific. You don't need any special program, just study the HTML, determine what to do, and be specific.


    I still don't get why My friends could pass it and I didn't :/
    I did the exact same thing as them and keeps telling me that it's correct but not what I need to do
     
    Offline
    06-18-2014 10:27 AM RE: The Proper Way to solve Basic 4
    Not sure if this is a spoiler, because I don't think the mission wants you care about this, but make sure you are sending the referer.

    Your browser/firewall might be blocking the referer, hence the different results on different systems. If you wrote a script for this, add the referer header as well.
     
    Offline
    06-19-2014 09:46 AM RE: The Proper Way to solve Basic 4 | Edited by thepriest 06-19-2014 09:47 AM
    Abhinav2107 wrote:
    Not sure if this is a spoiler, because I don't think the mission wants you care about this, but make sure you are sending the referer.

    Your browser/firewall might be blocking the referer, hence the different results on different systems. If you wrote a script for this, add the referer header as well.


    yep I tried everything I don't get why it doesn't work... who can I PM ??? (not to spoil the challenge)
     
    Offline
    06-19-2014 10:05 AM RE: The Proper Way to solve Basic 4
    PM me with what you are doing.
     
    Offline
    Jump to Forum:
    Forum powered by fusionBoard