TryThis0ne >> Challenges >> Realistic
level name: Text Archive
Viewers: :
Locked
Locked
Locked
 
pitbull




AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 34




Send Email Top
Sent on: 28/09/2005, 21:06:45 Warn | Edit
Can i get a good hint for this level?
I tried sql inections but it didn't work..
I found some xss in the site, what can I do with that?
steal cookies from other users? for that i need to give the link [with the script ] to someone, but to who?

hint plz...
[i saw the other posts about this level and it didn't help me]
edit :
so, there is 2 xss, one working, and the other is "protected"
the chars '<' and '>' are disabled
so now i know that i dont need to buid C**** S****
give some hint plz!

Edit by : pitbull At 28/09/2005, 19:15:31

Edit by : pitbull At 28/09/2005, 19:16:16

Edit by : pitbull At 28/09/2005, 20:21:53

Avidor93




AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 65




Top
Sent on: 28/09/2005, 22:25:50 Warn | Edit
cp help, how the xss can help us?
p.s. we need to reg first right?
how to reg ? we dont now
the code :-<

: Avidor93 28/09/2005, 22:42:05

B~HFH
Global Admin



AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 28




Send Email Top
Sent on: 29/09/2005, 00:22:27 Warn | Edit
Reading text about xss will help at this level.
for hacking with xss you need 2 things:
1. vulnerable place.
2. a way for sending the "dangerous" link for other users.

good luck [=

pitbull




AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 34




Send Email Top
Sent on: 29/09/2005, 08:53:34 Warn | Edit
"dangerous" link, you mean cookie stealer?
what it can be if its not a cookie stealer?

Alias




AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 27




Send Email Top
Sent on: 29/09/2005, 09:53:47 Warn | Edit
Cookie Stealer is a script in some server side language which get the cookies and saves it in some text file or in the DB.
When you want to steal cookies from other users you should do one more thing to make the users send thier cookies to the Cookie Stealer, try to think what is this thing.
Ok, so in this level they tell you that you don't have to builed CS, but they didn't tell you that you don't have to steal cookies.

GL.

Edit by : Alias At 29/09/2005, 07:54:26

pitbull




AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 34




Send Email Top
Sent on: 29/09/2005, 16:24:56 Warn | Edit
Tnx Alias ;)
it was very easy, now i have some user name and password and I can login to site, what now??
what i need to do?
what the mission?

Avidor93




AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 65




Top
Sent on: 29/09/2005, 23:56:44 Warn | Edit
hmm i pass it too....
but what now ?
i need to get the password from the upload page?
on the text area
i found that on any text the asp in this format
**********.asp?file=*****.****
and i was change it and it was written
you are on the right track

: Avidor93 29/09/2005, 22:03:07

cp77fk4r
Global Admin



AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621




Send Email Top
Sent on: 30/09/2005, 01:18:07 Warn | Edit
So... it's mean that you on the right track! ;)

pitbull




AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 34




Send Email Top
Sent on: 30/09/2005, 08:56:12 Warn | Edit
hint plz, maybe there is some txt file that contain the password?
I need to guess the file name? or maybe there is some sql injection in there?

cp77fk4r
Global Admin



AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621




Send Email Top
Sent on: 30/09/2005, 14:24:53 Warn | Edit
You have the file name! look, when you type some password- it check if it's right, there is comparing to the right password in this file- you just need to know what is the value that it compare with you password.

and.. how can you know that...?

pitbull




AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 34




Send Email Top
Sent on: 30/09/2005, 17:58:40 Warn | Edit
I know the name of the file that contain the password??
what u mean?

cp77fk4r
Global Admin



AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621




Send Email Top
Sent on: 30/09/2005, 18:12:10 Warn | Edit
I mean that U know the name of the file that check if your password is right, try to think how can you see the source of this page.

codingr
Global Admin



AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 91




Top
Sent on: 30/09/2005, 19:12:28 Warn | Edit
think about it yourself.. too many hints..CLOSED

All the times are GMT+2, ISRAEL
TryThis0ne >> Challenges >> Realistic

Locked
Locked
Locked


Page generated using: 12 queries
Design by SBD © GeHeNoM.Net | Powered By Tera-Byte Forums 1.5 © JonJon & HLL
ý