A little pen test help


Post by PewDiePie on Tue Jul 02, 2013 3:46 am

I am new to the pen test world and have got a simple project.
The project is to gain admin access to a website.

Function of website:
1. The website is simple HTML and not SQL vulnerable.
2. It has an admin login page at home which reads as "/admin/login.htm".
3. Dictionary attacks won't work because the website is in a regional language, and so is the password.
4. A wrong login gives the error message "Invalid/username/password".

I want you guys to give me a hint on how to get admin access through this kind of website.

-- Tue Jul 02, 2013 3:47 am --

Can anyone please? :cry:

Approved. Just make sure to keep it clean. ~Cent


Re: A little pen test help

Post by -Ninjex- on Tue Jul 02, 2013 3:51 am

Hrmmm, the URL is fake, so that's a plus. However, this is a bit sketchy on the TOS side of hackthissite. So, before I try to even help here, I am going to have to wait to get an okay from a mod/admin.
Spreading knowledge just once a day, can help keep the script kiddies away ⠠⠵
no_hope if world.map{|person, ic = 0| ic +=1 if ignorance.include?(person)}.compact.length > (world.length / 2)
The absence of evidence is not evidence of absence.


Re: A little pen test help

Post by PewDiePie on Tue Jul 02, 2013 3:55 am

Any mods, please approve, and thanks ninjex for the reply.. it's a school project :(


Re: A little pen test help

Post by brutal_hacker on Tue Jul 02, 2013 4:55 pm

If it's for a school project, you should really build your own web servers and pentest them; you will get more points for creating a server and patching said code. You don't want to go down a dark road and end up being kicked off your course.

Why not do some missions on this site? Or if you think there is a vulnerability in a section of a website, Google ways to test it.


Re: A little pen test help

Post by PewDiePie on Wed Jul 03, 2013 2:29 am

They have assigned me a particular website.. if I am successful in cracking the admin access I get to join the pen test course.

And yes, the website has directory open, and since I am new.. I really don't understand any HTML hack.. I just can SQL.


Re: A little pen test help

Post by brutal_hacker on Wed Jul 03, 2013 3:32 pm

First off, they want you to pen test a site so you can join the course? Why would you want to join if you know how to do it? I'm guessing it must be an advanced course.

A lot of people who want to get into pen testing learn from books like:

The Web Application Hacker's Handbook 2 - For web pages, a great read that covers a lot of topics.
Also they gain knowledge on Juniper or Cisco. I recommend Cisco Security; you can grab a book fairly cheap. (But make sure you know the fundamentals of networking first.)

I'd recommend saving up and taking a course like the one Offensive Security offers: http://www.offensive-security.com/information-security-training/penetration-testing-with-backtrack/

It won't teach you everything, but at the end you get to put your skills to the test in a real situation.

Now for your site, look at the source code, see if there is anything that can be exploited, test everything. Not everyone is suited to be a pen tester; it's more of a mindset.


Re: A little pen test help

Post by counterhash on Wed Jul 03, 2013 8:14 pm

If you're not doing an SQL injection, might I suggest moving through the basic and realistic missions here? Many of them include pure HTML challenges, and will give you a start as to what you're looking for.
If you use del \system32\ and not rm - rf / you are quite clearly doing it wrong.


Re: A little pen test help

Post by PewDiePie on Thu Jul 04, 2013 11:08 am

I had done all missions here with my old account, and thank you all.. I will refer to that handbook. And yes, it's a kind of advanced course and I want to catch up for pen test quick. Therefore I am jumping right to the advanced courses. :lol:

That website has a JavaScript login. Below is the script for login.js:

    $(document).ready(function() {
        $('#txtPassword').keypress(function(e) {
            var code = e.keyCode ? e.keyCode : e.which;

            if (code == 13) {
                $("#btnLogin").click();
            }
        });
        sessvars.myObj = {};
        $("#txtName").focus();
        $("#btnReset").click(function() {
            $("#txtName").focus();
            $("#txtName").val('');
            $("#txtPassword").val('');
            $("#divMsg").removeClass("informationmessageDiv");
            $("#divMsg").empty();
        });
        $("#btnLogin").click(function() {
            $.ajax({
                type: "POST",
                url: "login.asp",
                dataType: "application/x-www-form-urlencoded",
                data: "username=" + $("#txtName").val() + "&userpassword=" + $("#txtPassword").val(),
                async: false,
                complete: function(r1, r2) {},
                success: function(msg) {
                    if (msg == 1) {
                        sessvars.myObj = { name: $("#txtName").val() };
                        window.location.href = "jfdjfdsjkfs.htm";
                    }
                    else {
                        $("#divMsg").removeClass("informationmessageDiv");
                        $("#divMsg").addClass("informationmessageDiv");

                        $("#divMsg").html("Invalid Username or Password,Please try again.");
                    }
                }
            });
        });
    });



Re: A little pen test help

Post by r-ID on Thu Jul 04, 2013 5:25 pm

    if (msg == 1) {
        sessvars.myObj = { name: $("#txtName").val() };
        window.location.href = "jfdjfdsjkfs.htm";
    }

Ya, seems like a legal hacking challenge.
So set sessvars.myObj to some value
and do javascript:window.location.href = "jfdjfdsjkfs.htm"
or something like that.
Looks like a client-side hacking trick to me.
Maybe even the simplest javascript:document.location="jfdjfdsjkfs.htm" works.
Another way might be packet editing and changing the result that the server gives you.

PM if you still need some help.

YouTube's PDP?


Re: A little pen test help

Post by PewDiePie on Fri Jul 05, 2013 4:33 am

Please can you say.. what exactly should I edit? I need to do it soon.

Some more data about the site:
It has a login.asp script which says:

    <%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>

    <!--#include file="Connections/connection.asp" -->

    <%

    'Page Numbers
    Dim username
    username = request("username")
    Dim password
    password = request("userpassword")

    Dim RecordsetXML2
    Dim RecordsetXML2_cmd
    Dim RecordsetXML2_numRows

    Set RecordsetXML2_cmd = Server.CreateObject ("ADODB.Command")
    RecordsetXML2_cmd.ActiveConnection = MM_MobliqConn_STRING
    RecordsetXML2_cmd.CommandText = "SELECT count(*) as countLogin FROM Login WHERE username='"&username&"' AND Password='"&password&"'"
    RecordsetXML2_cmd.Prepared = true

    Set RecordsetXML2 = RecordsetXML2_cmd.Execute
    RecordsetXML2_numRows = 0

    Dim total
    Dim countRec
    total = RecordsetXML2.Fields.Item("countLogin").Value

    RecordsetXML2.Close()
    Set RecordsetXML2 = Nothing

    Response.Write(total)

    %>


Please guys, I am late for the project :(
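An added defensive example, not part of any post in this thread and not the site's own code: the login.asp query is built by string concatenation (setting Prepared = true does not change that), and login.js decides access with a client-side redirect. The Python/sqlite3 sketch below stands in for the ASP/ADO stack and shows the same query with bound parameters plus a server-side session check; the sample row, the function names and the in-memory session store are constructed for illustration.

```python
import secrets
import sqlite3


def make_db():
    # Constructed sample data; table and column names follow login.asp above.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Login (username TEXT, Password TEXT)")
    db.execute("INSERT INTO Login VALUES (?, ?)", ("o'neil", "s3cret"))
    return db


def count_login_concat(db, username, password):
    # Same construction as login.asp: request values are spliced into the SQL text.
    sql = ("SELECT count(*) AS countLogin FROM Login WHERE username='"
           + username + "' AND Password='" + password + "'")
    return db.execute(sql).fetchone()[0]


def count_login_bound(db, username, password):
    # Hardened form: constant SQL text, values passed as bound parameters.
    sql = "SELECT count(*) AS countLogin FROM Login WHERE username=? AND Password=?"
    return db.execute(sql, (username, password)).fetchone()[0]


def input_changes_statement(db, username, password):
    # True when ordinary input (here an apostrophe in a name) alters the
    # statement the database parses instead of being treated as data.
    try:
        count_login_concat(db, username, password)
        return False
    except sqlite3.OperationalError:
        return True


def login(db, sessions, username, password):
    # Server-side decision: issue an unguessable token only on a match.
    if count_login_bound(db, username, password) != 1:
        return None
    token = secrets.token_urlsafe(32)
    sessions[token] = username
    return token


def may_serve_admin(sessions, token):
    # Checked on the server for every request to an admin page; a redirect
    # in client-side script cannot enforce this.
    return token is not None and token in sessions
```

A production version would also store a salted password hash rather than comparing the plaintext Password column as done here.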

