Basic Mission 5

Learn new things
Forum rules
DO NOT POST ANSWERS OR SPOILERS! [IE: Mission Links, Mission File Names/Pages, Scripts, etc.]

Posting these will result in warnings/bans!

Re: Basic Mission 5

Post by ammke on Sun May 04, 2014 4:34 am

So what is the difference between 4 & 5? I used the web console in both and it worked.


Re: Basic Mission 5

Post by -Ninjex- on Sun May 04, 2014 8:09 am

Seriously?
Go read the first post from the OP, it clearly explains the difference in the missions.
If you're not willing to learn, no one can help you. If you're determined to learn, no one can stop you.⠠⠵
The absence of evidence is not evidence of absence.
I can explain it for you, but I can't understand it for you.


Re: Basic Mission 5

Post by ammke on Sun May 04, 2014 11:17 am

-Ninjex- wrote: Seriously?
Go read the first post from the OP, it clearly explains the difference in the missions.


Yes man, I know what you're talking about. I'm just saying that I solved both the same way: I used the web console in Firefox and changed the email address, and didn't see any difference.


Re: Basic Mission 5

Post by limdis on Sun May 04, 2014 11:28 am

limdis wrote: If you are reading this it is likely for one of two reasons. One, you aren’t sure why the same method to complete Basic 4 isn’t working. Or, two, you are wondering why this was solved the same way you completed Basic 4. I’ll explain.

In Basic 4, Network Security Sam was not verifying referrers which is why if you chose to complete the challenge by recreating the webpage on your desktop it worked. You performed a VERY crude example of a cross-site request forgery (CSRF) attack. Because the referrer was not being validated it allowed you to send the request from a different host (i.e. yourself).

Now, what I just said might have confused you. That's alright, take some time later to Google it. Remember these are basic missions right now! However, in Basic 5, Network Security Sam fixed his code. This time the request HAS to come from his site. With HTML alone you cannot change what is on a webpage, as you have (hopefully) already found, so it’s now time to dive into Javascript! You will need to perform what is called a Javascript Injection to change where the password is sent this time.

Take your time. Don’t cheat. Don’t become reliant on tools.


I highlighted specifically what you need to see. From your response to Ninjex it sounds like you don't understand how the web console works. You know that using it CAN change what you need changed but HOW/WHY does it work? Yes both missions can be solved with the same method if you use the method needed for Basic #5 on both, because javascript injections are awesome. Basic #5 is supposed to be an introduction from HTML to Javascript based attacks. You can solve Basic #4 with HTML alone if you wanted.
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."


Re: Basic Mission 5

Post by ammke on Sun May 04, 2014 11:51 am

OK, thanks a lot man, and I'll Google how to use the web console.


Re: Basic Mission 5

Post by niknatar on Tue May 06, 2014 1:12 am

I'm a bit confused as to what exactly generates the referer. Whether you use JS injection or save the HTML to your computer, the source code is running locally, correct? So when you inject the change, you're modifying the local copy stored by your browser that has been downloaded from the server. Similarly, when you download the HTML and open the changed code in your browser, that code is running locally as well. So what differentiates the referer in these two cases?


Re: Basic Mission 5

Post by -Ninjex- on Tue May 06, 2014 3:14 am

Well, I couldn't tell you for sure. However, when you download a local copy, you are not getting a lot of the server side code that comes with it. I know HTS uses a lot of PHP, so it could be possible they check referrers with it as well. However, they could even set it up to check referrers with .htaccess or even something else.
The point is, there is some server side code which you don't get along with the local copy that checks this information, therefore you cannot modify it with a local copy and have to perform an XSRF exploit.


Re: Basic Mission 5

Post by cyberdrain on Tue May 06, 2014 11:21 am

An HTTP referer (no, this is not a misspelling) is a header sent usually when clicking on a link. The newly requested page gets the referer information and can use it to display certain greetings (Welcome Google-user) or to know which pages linked to it, which can be particularly useful in the case of advertisement or as protection (as used here). The referer information can be spoofed, blanked (by issuing a refresh) or otherwise manipulated. If I were to guess, then the site you connect to after clicking the link has server side scripting enabled to check whether the referer is still correct.
Free your mind / Think clearly
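The difference discussed in the posts above, as an added example that is not part of any post and is not HTS's code: a server-side Referer check rejects a saved local copy (which sends no Referer) but accepts a request from the real page even when a form field was edited in the browser, so the recipient has to be fixed on the server. The origin, addresses and handler names are constructed assumptions.

```javascript
// Added example: origin, addresses and handlers are constructed placeholders.
const SITE_ORIGIN = "https://missions.example"; // assumed site origin
const ADMIN_EMAIL = "sam@missions.example";     // assumed fixed recipient

// Referer check of the kind the thread guesses the server performs.
function refererAllowed(headers) {
  const raw = headers["referer"];
  if (!raw) return false;        // pages opened from file:// send no Referer
  try {
    return new URL(raw).origin === SITE_ORIGIN; // exact origin, not a substring
  } catch {
    return false;                // malformed header value
  }
}

// Weak handler: passes the Referer check, then trusts the form's recipient.
function weakHandler(req) {
  if (!refererAllowed(req.headers)) return { status: 403 };
  return { status: 200, sentTo: req.body.to };
}

// Hardened handler: the recipient never comes from the client.
function hardenedHandler(req) {
  if (!refererAllowed(req.headers)) return { status: 403 };
  return { status: 200, sentTo: ADMIN_EMAIL };
}

// Constructed sample requests.
const fromSavedCopy = { headers: {}, body: { to: "other@elsewhere.example" } };
const fromLookalike = {
  headers: { referer: "https://missions.example.lookalike.test/basic/5/" },
  body: { to: "other@elsewhere.example" },
};
const fromEditedPage = { // field changed in the browser on the real page
  headers: { referer: "https://missions.example/basic/5/" },
  body: { to: "other@elsewhere.example" },
};

function demo() {
  return [fromSavedCopy, fromLookalike, fromEditedPage].map((r) => ({
    weak: weakHandler(r),
    hardened: hardenedHandler(r),
  }));
}
console.log(JSON.stringify(demo(), null, 2));
```

The Referer header is set by the browser from the URL of the page that issued the request, which is why editing the live page keeps it intact while a desktop copy does not.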


Re: Basic Mission 5

Post by skilful on Tue May 06, 2014 11:41 am

Hello HTS community, level 5 description says it's a bit harder than level 4, but I achieved it exactly in the same way. Not secure even a little bit more. Maybe it got bugged?


Re: Basic Mission 5

Post by cyberdrain on Tue May 06, 2014 1:06 pm

skilful, skillless, whatever your name is, please scroll up.

