Extended Basic 7

Learn how to do code review

Re: Extended Basic 7

Post by Monkey_master on Fri Aug 31, 2012 4:05 am

When I try to enter the code, it says "Error! CSRF attack blocked". What's with that?
Monkey_master
New User
Posts: 1
Joined: Wed Aug 01, 2012 6:53 am


Re: Extended Basic 7

Post by ChronosX on Thu Jan 10, 2013 5:15 pm

This mission is bad. Why? Using <?= ?> tags makes the code more unreadable, and it isn't on the first page of the PHP reference linked below. You don't need $_SERVER['PHP_SELF']; leaving it blank like <form action=""> will work fine. This mission also suggests that using htmlspecialchars() will prevent XSS. It might in this case, but often it is not enough.

Good resources:

http://markjaquith.wordpress.com/2009/09/21/php-server-vars-not-safe-in-forms-or-links/
http://www.wonko.com/post/html-escaping
http://blog.astrumfutura.com/2012/03/a-hitchhikers-guide-to-cross-site-scripting-xss-in-php-part-1-how-not-to-use-htmlspecialchars-for-output-escaping/
ChronosX
New User
Posts: 8
Joined: Mon Dec 20, 2010 4:31 pm
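The htmlspecialchars() caveat from the post above, shown in runnable PHP as an added example (this is not the mission's script or any poster's code). $path is a constructed stand-in for $_SERVER['PHP_SELF'], which PHP builds from the request URL, and safeInAttribute() is a hypothetical helper written for this example:

```php
<?php
// $_SERVER['PHP_SELF'] is derived from the request URL, so whatever
// lands in it is client-controlled text; $path is a constructed sample
// containing both quote kinds and a tag delimiter.
$path = '/mission.php/"quoted\'text<b>';

// ENT_COMPAT, the htmlspecialchars() default before PHP 8.1: escapes
// < > & and " but leaves ' alone, so the result is only safe inside a
// double-quoted attribute.
$compat = htmlspecialchars($path, ENT_COMPAT, 'UTF-8');

// ENT_QUOTES escapes both quote kinds, so the result is safe in either
// a double- or a single-quoted attribute.
$quotes = htmlspecialchars($path, ENT_QUOTES, 'UTF-8');

// The alternative discussed in this thread: leave the value blank and the
// browser submits to the current URL, with no client-controlled text echoed.
$blank = '<form action="" method="post">';

/**
 * True when $value contains none of the characters that could close an
 * attribute delimited by $delim or start a new tag. (Hypothetical check.)
 */
function safeInAttribute(string $value, string $delim): bool
{
    return strpbrk($value, $delim . '<>') === false;
}

printf("raw    in \" attr: %s\n", safeInAttribute($path, '"') ? 'ok' : 'UNSAFE');
printf("compat in \" attr: %s\n", safeInAttribute($compat, '"') ? 'ok' : 'UNSAFE');
printf("compat in ' attr: %s\n", safeInAttribute($compat, "'") ? 'ok' : 'UNSAFE');
printf("quotes in ' attr: %s\n", safeInAttribute($quotes, "'") ? 'ok' : 'UNSAFE');
echo $blank, "\n";
```

Run it with the PHP CLI; the only case that reports UNSAFE after escaping is ENT_COMPAT output placed inside a single-quoted attribute, which is the mismatch the linked astrumfutura article describes.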


Re: Extended Basic 7

Post by fashizzlepop on Thu Jan 10, 2013 6:58 pm

The point of this mission isn't to show good coding practices. In fact, quite the opposite. It is geared toward having you read other people's code, spot bugs, and patch them.
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.
fashizzlepop
Developer
Posts: 2303
Joined: Sat May 24, 2008 1:20 pm


Re: Extended Basic 7

Post by jeremia on Thu Jan 10, 2013 8:33 pm

I finally got it. I've typed the solution 5 times just because I added a ; at the end of my PHP =)
Please, fix your validation code xD
jeremia
New User
Posts: 1
Joined: Thu Jan 10, 2013 8:27 pm


Re: Extended Basic 7

Post by fashizzlepop on Fri Jan 11, 2013 2:49 am

jeremia wrote: I finally got it. I've typed the solution 5 times just because I added a ; at the end of my PHP =)
Please, fix your validation code xD

Again, you should try and change as little as possible and stick to the conventions.
fashizzlepop
Developer
Posts: 2303
Joined: Sat May 24, 2008 1:20 pm


Re: Extended Basic 7

Post by Pyrox6969 on Sat Jan 19, 2013 10:37 am

WOW, you guys think you got it bad. Here is a big hint for anyone like me:

USE ' ' as your quotes and NOT " "

Spent hours trying to get this thing, and that was the problem the whole time. Wow, time for a cig, I'm pissed.
Pyrox6969
New User
Posts: 1
Joined: Sat Jan 19, 2013 3:24 am


Re: Extended Basic 7

Post by fashizzlepop on Sun Jan 20, 2013 9:01 am

Pyrox6969 wrote: WOW, you guys think you got it bad. Here is a big hint for anyone like me:

USE ' ' as your quotes and NOT " "

Spent hours trying to get this thing, and that was the problem the whole time. Wow, time for a cig, I'm pissed.


That's why for these missions if your solution isn't working, make sure you are using the conventions set forth in the rest of the mission.
fashizzlepop
Developer
Posts: 2303
Joined: Sat May 24, 2008 1:20 pm


Re: Extended Basic 7

Post by voodooKobra on Sun Nov 17, 2013 3:30 am

I think removing the action="" is probably the best practice for patching it, since browsers will automatically forward the user to the correct page. (This isn't an accepted solution, however.)
voodooKobra
New User
Posts: 1
Joined: Sat Nov 16, 2013 9:53 pm


Re: Extended Basic 7

Post by CovertMagic on Thu Feb 27, 2014 1:23 pm

I, too, am not old enough for this mission, I think!

HTML4 - action is "required" (though afaik browsers will default correctly):
http://www.w3.org/TR/html4/interact/forms.html#h-17.3

HTML5 - not required, features an example without it:
http://www.w3.org/html/wg/drafts/html/master/forms.html#attr-fs-action

and therefore I favour deleting spurious/vulnerable code over patching...
CovertMagic
New User
Posts: 8
Joined: Fri Feb 21, 2014 6:23 pm


Re: Extended Basic 7

Post by kumaus on Thu Oct 09, 2014 4:13 pm

It seems this mission is getting a lot of bad press. Strange as it seems, I actually liked it; I learned more than in the previous ext missions combined. The vulnerability shown here was new to me, looks pretty realistic and was quite an eye-opener. It is of course easy to make a wrong assumption about what to fix and then tear your hair out in frustration (which I certainly did). Collecting some things to watch out for (mostly repeats of things spread out over the previous 7 pages):
  • There are many things one could do differently / better in this script. However, that is not the task here. Please remember that this mission is aimed at beginners like me, with the goals of illustrating a particular vulnerability and of showing a simple way of improving the situation.
  • Read the intro carefully; the line to be fixed is a logical consequence of the task given (one easy bug and one vuln in a single line).
  • To solve this, you need to be very clear about the difference between what is written in the PHP script and what the browser shows to the user. If in doubt, try it out!
  • There are several different ways of fixing the line, only one of which is accepted as the answer. Try to find an option which preserves the basic approach in the script and is minimally invasive (i.e. only changes those characters which actually enable this particular vulnerability).
  • Information about the vulnerability and its remedy is easy to find on the net.
  • In order to avoid grief, copy the line to be fixed into a text editor, and take care not to introduce extra spaces.
kumaus
New User
Posts: 1
Joined: Thu Oct 09, 2014 3:37 pm