pitbull
Registered on: 01/01/1970, 04:00:00
Posts: 34
Sent on: 28/09/2005, 21:06:45

Can I get a good hint for this level?
I tried SQL injections but it didn't work..
I found some XSS in the site, what can I do with that?
Steal cookies from other users? For that I need to give the link [with the script] to someone, but to whom?
hint plz...
[I saw the other posts about this level and they didn't help me]
edit:
so, there are 2 XSS, one working, and the other is "protected"
the chars '<' and '>' are disabled
so now I know that I don't need to build C**** S****
give some hint plz!
Edit by : pitbull At 28/09/2005, 19:15:31
Edit by : pitbull At 28/09/2005, 19:16:16
Edit by : pitbull At 28/09/2005, 20:21:53

Avidor93
Registered on: 01/01/1970, 04:00:00
Posts: 65
Sent on: 28/09/2005, 22:25:50

cp help, how can the XSS help us?
p.s. we need to reg first, right?
how to reg? we don't know the code :-<
: Avidor93 28/09/2005, 22:42:05

B~HFH
Global Admin
Registered on: 01/01/1970, 04:00:00
Posts: 28
Sent on: 29/09/2005, 00:22:27

Reading text about XSS will help at this level.
For hacking with XSS you need 2 things:
1. a vulnerable place.
2. a way of sending the "dangerous" link to other users.
good luck [=

pitbull
Registered on: 01/01/1970, 04:00:00
Posts: 34
Sent on: 29/09/2005, 08:53:34

"dangerous" link, you mean cookie stealer?
what can it be if it's not a cookie stealer?

Alias
Registered on: 01/01/1970, 04:00:00
Posts: 27
Sent on: 29/09/2005, 09:53:47

A Cookie Stealer is a script in some server-side language which gets the cookies and saves them in some text file or in the DB.
When you want to steal cookies from other users you should do one more thing to make the users send their cookies to the Cookie Stealer, try to think what this thing is.
Ok, so in this level they tell you that you don't have to build a CS, but they didn't tell you that you don't have to steal cookies.
GL.
Edit by : Alias At 29/09/2005, 07:54:26

pitbull
Registered on: 01/01/1970, 04:00:00
Posts: 34
Sent on: 29/09/2005, 16:24:56

Tnx Alias ;)
it was very easy, now I have some user name and password and I can log in to the site, what now??
what do I need to do?
what's the mission?

Avidor93
Registered on: 01/01/1970, 04:00:00
Posts: 65
Sent on: 29/09/2005, 23:56:44

hmm I passed it too....
but what now?
I need to get the password from the upload page?
on the text area
I found that on any text the asp is in this format
**********.asp?file=*****.****
and I changed it and it was written
you are on the right track
: Avidor93 29/09/2005, 22:03:07

cp77fk4r
Global Admin
Registered on: 01/01/1970, 04:00:00
Posts: 621
Sent on: 30/09/2005, 01:18:07

So... it means that you're on the right track! ;)

pitbull
Registered on: 01/01/1970, 04:00:00
Posts: 34
Sent on: 30/09/2005, 08:56:12

hint plz, maybe there is some txt file that contains the password?
Do I need to guess the file name? or maybe there is some SQL injection in there?

cp77fk4r
Global Admin
Registered on: 01/01/1970, 04:00:00
Posts: 621
Sent on: 30/09/2005, 14:24:53

You have the file name! Look, when you type some password, it checks if it's right; there is a comparison to the right password in this file. You just need to know what the value is that it compares with your password.
and.. how can you know that...?

pitbull
Registered on: 01/01/1970, 04:00:00
Posts: 34
Sent on: 30/09/2005, 17:58:40

I know the name of the file that contains the password??
what do u mean?

cp77fk4r
Global Admin
Registered on: 01/01/1970, 04:00:00
Posts: 621
Sent on: 30/09/2005, 18:12:10

I mean that U know the name of the file that checks if your password is right, try to think how you can see the source of this page.

codingr
Global Admin
Registered on: 01/01/1970, 04:00:00
Posts: 91
Sent on: 30/09/2005, 19:12:28

think about it yourself.. too many hints.. CLOSED