CSRF. **testing page - view at your own risk**

General technological topics without their own forum go here

Re: CSRF logout. **testing page - view at your own risk**

Post by hellow533 on Fri Apr 05, 2013 3:31 am
([msg=74926]see Re: CSRF logout. **testing page - view at your own risk**[/msg])

Makes me wonder
Image

-- Fri Apr 05, 2013 9:19 pm --

Supposedly that would make you pass realistic 1 while bypassing the need for a session ID. I'm extremely rusty though but if it works more power to you.
“Teach me how to hack!”
"What, like, with an axe?"
User avatar
hellow533
Contributor
Contributor
 
Posts: 506
Joined: Thu Jan 29, 2009 3:27 pm
Blog: View Blog (0)


Re: CSRF logout. **testing page - view at your own risk**

Post by pretentious on Fri Apr 05, 2013 7:41 am
([msg=74927]see Re: CSRF logout. **testing page - view at your own risk**[/msg])

Just making sure i understand the logic behind these. When i view these posts, my browser is requesting the URLs in the image tags to display an image but instead, it runs a script. The equivelant to me pasting the URL into my address bar?
Goatboy wrote:Oh, that's simple. All you need to do is dedicate many years of your life to studying security.

IF you feel like exchanging ASCII arrays, let me know ;)
pretentious wrote:Welcome to bat country
User avatar
pretentious
Contributor
Contributor
 
Posts: 573
Joined: Wed Mar 03, 2010 12:48 am
Blog: View Blog (0)


Re: CSRF logout. **testing page - view at your own risk**

Post by limdis on Fri Apr 05, 2013 10:15 am
([msg=74929]see Re: CSRF logout. **testing page - view at your own risk**[/msg])

3vilp4wn wrote:Once someone with FLAGB privs views this page...

It's flagged but it wasn't me. lol


hellow533 wrote:Supposedly that would make you pass realistic 1 while bypassing the need for a session ID. I'm extremely rusty though but if it works more power to you.

Testing, not working. Keep at it.


pretentious wrote:Just making sure i understand the logic behind these. When i view these posts, my browser is requesting the URLs in the image tags to display an image but instead, it runs a script. The equivelant to me pasting the URL into my address bar?

Yes. Here read this: Cross-Site Request Forgery
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."
User avatar
limdis
Moderator
Moderator
 
Posts: 1311
Joined: Mon Jun 28, 2010 5:45 pm
Blog: View Blog (0)


Re: CSRF logout. **testing page - view at your own risk**

Post by 3vilp4wn on Fri Apr 05, 2013 10:27 am
([msg=74930]see Re: CSRF logout. **testing page - view at your own risk**[/msg])

limdis wrote:It's flagged...

:D :) :mrgreen: :D :) :mrgreen: :D :) :mrgreen:

pretentious wrote:Just making sure i understand the logic behind these. When i view these posts, my browser is requesting the URLs in the image tags to display an image but instead, it runs a script. The equivelant to me pasting the URL into my address bar?

Read this article I wrote.

hellow533 wrote:Makes me wonder<br>Image

-- Fri Apr 05, 2013 9:19 pm --

Supposedly that would make you pass realistic 1 while bypassing the need for a session ID. I'm extremely rusty though but if it works more power to you.

Look at this post.

-- Fri Apr 05, 2013 3:52 pm --

hellow533 wrote:Makes me wonder
Code: Select all
[img]https://www.hackthissite.org/missions/realistic/1/v.php?auth=true&id=3&vote=50[/img]


-- Fri Apr 05, 2013 9:19 pm --

Supposedly that would make you pass realistic 1 while bypassing the need for a session ID. I'm extremely rusty though but if it works more power to you.


Looking at it more, that requires a GET to v.php, with 2 vars: the session ID, and the vote. You don't have the SID, so you can't make someone pass it :(
Look into the tamper data plugin for firefox when you're trying to make CSRF requests.

-- Fri Apr 05, 2013 3:59 pm --

Image

EDIT: Damn you and your post requests!

-- Fri Apr 05, 2013 4:32 pm --

Code: Select all
[img]https://www.hackthissite.org/pages/irc/link.php?nick=limdis&mode=reject[/img]

Limdis, this one is aimed at you...
But I'm being nice on you, it only rejects the link to HTS, doesn't delete your account.

-- Fri Apr 05, 2013 4:54 pm --

Also, note that the admin vote page is vulnerable to CSRF, /but/, I don't know how to exploit it :cry:

-- Fri Apr 05, 2013 5:50 pm --

Code: Select all
[img]https://www.hackthissite.org/pages/irc/link.php?nick=e3cb&mode=updatetype&newtype=bot[/img]

Ok e3cb, you're a bot now :lol:

-- Thu Apr 11, 2013 5:11 am --

Code: Select all
[img]https://www.hackthissite.org/pages/irc/link.php?nick=silic0n&mode=reject[/img]

Here's your example!
Do not mistake understanding for realization, and do not mistake realization for liberation
Evil Ninja Hackers
???
٩(͡๏̯͡๏)۶

1A4EAMboaXpgvUSmtRbVRqbfJrbyuGhyoo
User avatar
3vilp4wn
Poster
Poster
 
Posts: 144
Joined: Sun Feb 10, 2013 2:05 am
Location: The darkness.
Blog: View Blog (0)


Re: CSRF. **testing page - view at your own risk**

Post by 5ilic0n on Thu Apr 11, 2013 12:31 am
([msg=75043]see Re: CSRF. **testing page - view at your own risk**[/msg])

This was cool. I didn't know about CSRF until now :)
You have to be subtle, but it can be a great tool. Thanks!
5ilic0n
New User
New User
 
Posts: 22
Joined: Sat Apr 06, 2013 3:08 am
Blog: View Blog (0)


Re: CSRF. **testing page - view at your own risk**

Post by 3vilp4wn on Thu Apr 11, 2013 12:35 am
([msg=75044]see Re: CSRF. **testing page - view at your own risk**[/msg])

Ok mShred, here's for this:

Code: Select all
<mShred> Just used the forums to grant him js 3?
<mShred> He should do an actual exploit with it
<mShred> Then get some real HOF points
<limdis> well he is well on his way to do doing so


Image
How's that for a "actual exploit"

Sorry about that, just wanted the devs to take notice.
EDIT:
Also, for future reference in case it deletes it:
mshred 6464 32883 84
Do not mistake understanding for realization, and do not mistake realization for liberation
Evil Ninja Hackers
???
٩(͡๏̯͡๏)۶

1A4EAMboaXpgvUSmtRbVRqbfJrbyuGhyoo
User avatar
3vilp4wn
Poster
Poster
 
Posts: 144
Joined: Sun Feb 10, 2013 2:05 am
Location: The darkness.
Blog: View Blog (0)


Re: CSRF. **testing page - view at your own risk**

Post by hellow533 on Thu Apr 11, 2013 1:48 am
([msg=75045]see Re: CSRF. **testing page - view at your own risk**[/msg])

This will work eventually.
Image
Image
Image
Image
If 3vilp4wn sees this, it should unlink you and your irc name.
“Teach me how to hack!”
"What, like, with an axe?"
User avatar
hellow533
Contributor
Contributor
 
Posts: 506
Joined: Thu Jan 29, 2009 3:27 pm
Blog: View Blog (0)


Re: CSRF. **testing page - view at your own risk**

Post by 3vilp4wn on Thu Apr 11, 2013 7:34 pm
([msg=75066]see Re: CSRF. **testing page - view at your own risk**[/msg])

Nice. As for your 3vilp4wn and evilp4wn confusion, it goes by *irc* username.
Do not mistake understanding for realization, and do not mistake realization for liberation
Evil Ninja Hackers
???
٩(͡๏̯͡๏)۶

1A4EAMboaXpgvUSmtRbVRqbfJrbyuGhyoo
User avatar
3vilp4wn
Poster
Poster
 
Posts: 144
Joined: Sun Feb 10, 2013 2:05 am
Location: The darkness.
Blog: View Blog (0)


Re: CSRF. **testing page - view at your own risk**

Post by hellow533 on Thu Apr 11, 2013 8:12 pm
([msg=75069]see Re: CSRF. **testing page - view at your own risk**[/msg])

Yeah I know, but I didn't want to go back to your profile so I put both evil and 3vil, didn't remember if I saw 3 or e.

I see most bug reports on CSRF I saw are covered already :D

-- Fri Apr 12, 2013 3:57 pm --

This may or may not make you pass all but one javascript mission, it depends on if the javascript determines the points being awarded, or if it's determined just by going to the link.

Code: Select all
[img]https://www.hackthissite.org/missions/javascript/1/?lvl_password=xxxxxxx[/img]
[img]https://www.hackthissite.org/missions/javascript/2/index.php?challengePass=xxxxxx[/img]
[img]https://www.hackthissite.org/missions/javascript/4/?lvl_password=xxx[/img]
[img]https://www.hackthissite.org/missions/javascript/5/?lvl_password=xxxxxxxx[/img]
[img]https://www.hackthissite.org/missions/javascript/6/?lvl_password=xxxxxxxx[/img]
[img]https://www.hackthissite.org/missions/javascript/7/?lvl_password=xxxxxx[/img]
Last edited by hellow533 on Thu Apr 11, 2013 11:26 pm, edited 2 times in total.
“Teach me how to hack!”
"What, like, with an axe?"
User avatar
hellow533
Contributor
Contributor
 
Posts: 506
Joined: Thu Jan 29, 2009 3:27 pm
Blog: View Blog (0)


Re: CSRF. **testing page - view at your own risk**

Post by hellow555 on Thu Apr 11, 2013 10:16 pm
([msg=75071]see Re: CSRF. **testing page - view at your own risk**[/msg])

That just covered 1 4 5 6 and 7 for javascript missions. That's the majority of them, from csrf alone. I think you can award points for that.
hellow555
New User
New User
 
Posts: 1
Joined: Thu Apr 11, 2013 2:11 am
Blog: View Blog (0)


PreviousNext

Return to General

Who is online

Users browsing this forum: No registered users and 0 guests