Friday, July 25, 2014 Login · Register
    Login
Username

Password


Remember Me

Not a member yet?
Click here to register.

Forgotten your password?
Request a new one here.

 

    Users Online
  • · Members on IRC: 32   
  • · Total Members: 15,629
  • · Newest Member: k3t4n
  •  

     

        Related Ads
     

     

     

        Top 10 Forum Posters
    UserPosts
    bluechill1411   
    madf0x1285   
    cruizrisner1061   
    Qwexotic1034   
    Null Set870   
    Override604   
    auditorsec603   
    godofcereal599   
    TurboBorland585   
    Teddy477   
     

        Affiliates




  • iExploit


  • iExploit


  • WeChall





  • Thisislegal.com

  •  

        Related Ads
     

    View Thread
         
    Security Override Hacking Challenges Javascript Hacking Challenges
    bypass
    Register FAQ Members List Today's Posts Search

    Print Thread
    03-12-2010 06:41 AM bypass
    on javascript 1 how do i bypass the page to get to the login page any tips
     
    Offline
    03-12-2010 07:31 AM RE: bypass
    After you visit the index.php you get redirected to fail.php. So use Tamper to work around the redirectionWink
    Join our IRC channal! irc.evilzone.org #Evilzone #SecurityOverride

    This dude doesn't answer to PM..no matter how special you think you are...sry

    "With great power comes great responsibility"
     
    Offline
    03-12-2010 07:41 AM RE: bypass
    ok thanks
     
    Offline
    03-12-2010 09:05 AM RE: bypass
    What Teddy told is 100% correct. To detect this type of actions if u open a client side proxy and examine the browsers interaction, you can observe that there are 2 get requests instead of usual 1.
    Therefore a script on the client is redirecting to a new page. Why we are sure this action is not happening from server, because we do not get an HTTP 301, or 302 response from server and rhe requests are HTTP response 200.

    If you use a client side proxy to examine what communications is happening on the wire between browser and server, you would easily go through the first one as well.

    Hope this helps to understand the logic .. Smile
     
    Offline
    03-12-2010 07:41 PM RE: bypass
    Or use NoScript...

    securityoverride.net/images/userbar.png
     
    Offline
    03-12-2010 08:18 PM RE: bypass
    Pfft I hate when people trick me with JS.
    Thats why NoScript Rules!(+ extra security)
     
    Offline
    03-13-2010 04:30 PM RE: bypass
    Qwexotic wrote:
    Or use NoScript...


    Or in firefox press stop after it loads the first page Wink
     
    Offline
    04-05-2010 11:56 AM RE: bypass | Edited by Torrment 04-05-2010 11:57 AM
    this one can also be completed using the web developer add on for firefox
     
    Offline
    04-05-2010 03:46 PM RE: bypass
    there are many different ways to achieve the target, depends on individual liking. This is not important, important is to understand the logic of the exercise, because each one focuses to improve ur skills on some aspect or the other.
    Smile....Even IMPOSSIBLE says I m possible.... Smile

    And with knowledge comes responsibility.
     
    Offline
    04-07-2010 07:30 AM RE: bypass | Edited by Override 04-07-2010 08:43 AM
    one of the easiest ways to win this one is[BIG SPOILER]ghea bss wninfpevcg va lbhe oebjfre[/BIG SPOILER] (the text is hidden mark to see.Wink

    edit by Override: The big spoiler has been encoded.
     
    Offline
    09-01-2011 12:52 AM RE: bypass
    How would i use no-script for this challenge?
     
    Offline
    09-01-2011 06:34 AM RE: bypass
    1) Use NoScript to forbid JS execution on this site.
    2) ???
    3) Profit
     
    Offline
    09-19-2012 12:47 AM RE: bypass
    i pass this challenge but still confuse can any one explain this challenge to me ?!!
     
    Offline
    09-19-2012 06:59 AM RE: bypass
    When you open the challange page you first visit index.php which has follow JavascriptCode:
    Download source  Code

    window.location = 'fail.php'




    If you do not understand now what happans read above for more infos and learn javascript ;)
    Join our IRC channal! irc.evilzone.org #Evilzone #SecurityOverride

    This dude doesn't answer to PM..no matter how special you think you are...sry

    "With great power comes great responsibility"
     
    Offline
    05-29-2014 11:14 AM RE: bypass
    I've just passed this challenge. I've tried using no-scripts, tamper data and locally opening a modified copy of the page. I have no idea which method has worked, because i never got to any "Congrats!" page, though i've just noticed the light beside the challenge on my profile has turned green. Did that happen to anyone else? Does anyone know why?
     
    Offline
    Jump to Forum:
    Forum powered by fusionBoard