The New EstBasic 10

Learn how to do code review

Re: The New EstBasic 10

Post by anonHacker on Fri Jan 09, 2009 10:09 am
([msg=15814]see Re: The New EstBasic 10[/msg])

psmak wrote:Hmmm, I copy/pasted the code into a bat file and played around a bit with injection until I got the heart warming "You have been authenticated. Welcome aboard!". However, posting my solution resulted in nothing, regardless of capitilization. I tried a few variations, which all work with the bat file, but none are accepted as The Right Answer. Any hints on the format that will actually give me some points? :)

I coded a rather thorough validator for this extbasic, so unless you're doing extraneous crap, it should validate properly.

If that's not the case and it works in the batch, but the validator isn't accepting it, then are you sure you're "circumventing authentication altogether"? *nudge*
anonHacker
Experienced User
Experienced User
 
Posts: 76
Joined: Sun Jul 27, 2008 10:51 am
Blog: View Blog (0)


Re: The New EstBasic 10

Post by travmanx on Fri Jan 23, 2009 10:41 pm
([msg=16889]see Re: The New EstBasic 10[/msg])

I am confused on what the mission is calling for. I am trying to get the batch to allow me authentation without checking if the password input is equal to 1065435274 or not? So its more logic than knowing how the batch file operates...
travmanx
New User
New User
 
Posts: 18
Joined: Tue Jan 20, 2009 10:53 am
Blog: View Blog (0)


Re: The New EstBasic 10

Post by dwmead03 on Fri Jan 30, 2009 1:07 pm
([msg=17102]see Re: The New EstBasic 10[/msg])

Enjoyed this mission. Took me a while to realize why exactly it wasn't commenting out the remaining characters, but once I figured that out it was a piece of cake. :D
User avatar
dwmead03
New User
New User
 
Posts: 30
Joined: Mon Apr 14, 2008 11:34 pm
Location: KY
Blog: View Blog (0)


Re: The New EstBasic 10

Post by travmanx on Fri Jan 30, 2009 3:22 pm
([msg=17110]see Re: The New EstBasic 10[/msg])

So are you changing part of the code for the answer like the previous ones? Or are you inserting a value to crash the batch to let you have access (overflow)?
travmanx
New User
New User
 
Posts: 18
Joined: Tue Jan 20, 2009 10:53 am
Blog: View Blog (0)


Re: The New EstBasic 10

Post by mutants_r_us_guild on Sun Feb 01, 2009 1:54 am
([msg=17197]see Re: The New EstBasic 10[/msg])

travmanx wrote:So are you changing part of the code for the answer like the previous ones? Or are you inserting a value to crash the batch to let you have access (overflow)?


No overflow.. think SQL injection. Comment some things out and make some the if statement always true. Then you can make it do whatever you want :D
Image
Image
Image
User avatar
mutants_r_us_guild
Poster
Poster
 
Posts: 246
Joined: Fri May 30, 2008 7:56 pm
Blog: View Blog (0)


Re: The New EstBasic 10

Post by peroxide on Thu Mar 26, 2009 3:21 am
([msg=20575]see Re: The New EstBasic 10[/msg])

In which book did you learn to use "%~0" and "%CHARACTERPOSITION%" ?
I never saw such thing!

I recommend these websites for anyone who is in the needs.
http://www.ss64.com/
http://commandwindows.com/


Now I'll show you some other Ms-Dos uncommon stuff...

exploiting NTFS Alternate Datastream
--------------------------------------------
type %secret% > %front%:%secret%
----------------------------------------------
start .\%front%:%secret%
----------------------------------------------
peroxide
New User
New User
 
Posts: 6
Joined: Wed Mar 25, 2009 2:54 am
Blog: View Blog (0)


Re: The New EstBasic 10

Post by anonHacker on Wed Apr 01, 2009 1:53 pm
([msg=20995]see Re: The New EstBasic 10[/msg])

No book. Just fifteen years of experience abusing batch scripts.

By the way, you might want to clarify that that only works on NTFS formatted partitions, and that's Alternate Data Streams. If you want to see your ADS on Windows XP, use this. On Vista, just typing DIR /R will do the trick or you can use the program I just linked.
Last edited by anonHacker on Thu Feb 28, 2013 12:38 pm, edited 2 times in total.
anonHacker
Experienced User
Experienced User
 
Posts: 76
Joined: Sun Jul 27, 2008 10:51 am
Blog: View Blog (0)


Re: The New EstBasic 10

Post by _-Enigma-_ on Thu Apr 02, 2009 9:25 pm
([msg=21083]see Re: The New EstBasic 10[/msg])

So i guess there is a reason why only 169 people have completed this :lol:

You will have to excuse me, as im a live-long linux user (saying i hate windows is an understatement), so i have exactly zero knowledge of batch, though it looks quit similar to bash scripting, so its marginally readable to me.

According to the article, (and logic), you have to effectively comment out the remainder of the line in your input yes? Well just how are you supposed to do that? EVERY book/website/article ive read on batch scripting says there are only two ways of writing comments, and both of them have to be at the start of the line! Its pretty simple how to exploit the script, but i cannot for the life of me figure out how to 'chop off' the rest.

Can anyone shed some light on this? or at least point me in the right direction. Thanks.
Shakespeare asked: to be? or not to be? ... that is the question.
Fortunately, computers have given us the answer:
0x2b | ~0x2b = 0xFF
User avatar
_-Enigma-_
New User
New User
 
Posts: 12
Joined: Tue Feb 10, 2009 7:36 am
Location: /root
Blog: View Blog (0)


Re: The New EstBasic 10

Post by mutants_r_us_guild on Fri Apr 03, 2009 6:38 pm
([msg=21124]see Re: The New EstBasic 10[/msg])

_-Enigma-_ wrote:So i guess there is a reason why only 169 people have completed this :lol:

You will have to excuse me, as im a live-long linux user (saying i hate windows is an understatement), so i have exactly zero knowledge of batch, though it looks quit similar to bash scripting, so its marginally readable to me.

According to the article, (and logic), you have to effectively comment out the remainder of the line in your input yes? Well just how are you supposed to do that? EVERY book/website/article ive read on batch scripting says there are only two ways of writing comments, and both of them have to be at the start of the line! Its pretty simple how to exploit the script, but i cannot for the life of me figure out how to 'chop off' the rest.

Can anyone shed some light on this? or at least point me in the right direction. Thanks.



"and both of them have to be at the start of the line"

&& ends the last command and starts a new one.. so basically.. a new line :P
Image
Image
Image
User avatar
mutants_r_us_guild
Poster
Poster
 
Posts: 246
Joined: Fri May 30, 2008 7:56 pm
Blog: View Blog (0)


Re: The New EstBasic 10

Post by _-Enigma-_ on Wed Apr 22, 2009 7:03 am
([msg=22312]see Re: The New EstBasic 10[/msg])

mutants_r_us_guild wrote:
_-Enigma-_ wrote:So i guess there is a reason why only 169 people have completed this :lol:

You will have to excuse me, as im a live-long linux user (saying i hate windows is an understatement), so i have exactly zero knowledge of batch, though it looks quit similar to bash scripting, so its marginally readable to me.

According to the article, (and logic), you have to effectively comment out the remainder of the line in your input yes? Well just how are you supposed to do that? EVERY book/website/article ive read on batch scripting says there are only two ways of writing comments, and both of them have to be at the start of the line! Its pretty simple how to exploit the script, but i cannot for the life of me figure out how to 'chop off' the rest.

Can anyone shed some light on this? or at least point me in the right direction. Thanks.



"and both of them have to be at the start of the line"

&& ends the last command and starts a new one.. so basically.. a new line :P


Haha, why i never thought of that is beyond me, especially as it is common-practice in bash, solved it finally! I was looking at the wrong quotes when trying to exploit the script lol, go figure :D

Thanks mutants!
Last edited by _-Enigma-_ on Fri Apr 24, 2009 3:15 pm, edited 1 time in total.
Shakespeare asked: to be? or not to be? ... that is the question.
Fortunately, computers have given us the answer:
0x2b | ~0x2b = 0xFF
User avatar
_-Enigma-_
New User
New User
 
Posts: 12
Joined: Tue Feb 10, 2009 7:36 am
Location: /root
Blog: View Blog (0)


PreviousNext

Return to Extended Basics

Who is online

Users browsing this forum: No registered users and 0 guests