How would I bypass a certain type of login?

Discuss the many weaknesses of browser security and ways to mitigate the threat

How would I bypass a certain type of login?

Post by KiwiBird345 on Sun Apr 04, 2010 8:06 pm
([msg=37715]see How would I bypass a certain type of login?[/msg])

Just a quick question, in a login that looks like this
Image
How exactly could I bypass that or what kind of SQL injection would I use?
Last edited by KiwiBird345 on Sat Apr 10, 2010 8:36 pm, edited 1 time in total.
KiwiBird345
New User
New User
 
Posts: 3
Joined: Sun Apr 04, 2010 8:02 pm
Blog: View Blog (0)


Re: How would I bypass a certain type of login?

Post by Goatboy on Sun Apr 04, 2010 9:01 pm
([msg=37721]see Re: How would I bypass a certain type of login?[/msg])

By SQ are you referring to Stagnant Quail?

Assuming you meant "SQL" instead, you should know that not all logins use SQL. You're generally going to see that on web sites. I really doubt the pic is of a website.

What you're looking at might be NetBIOS or SMB. That's basically how Windows shares printers, server space, etc. in a network. As far as exploiting it, you should search for any vulnerabilities in that version. I know that's probably not what you wanted to hear, but it's the only advice I'm giving at this point.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2752
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)


Re: How would I bypass a certain type of login?

Post by Overlord5 on Mon Apr 05, 2010 11:23 pm
([msg=37757]see Re: How would I bypass a certain type of login?[/msg])

If you're trying to access a network use admin as the password. Assuming you're using this to access your own network you've probably left it blank since you don't know how to do this. As for accessing a network such as a school or office if you're using a network drive to login, then use your username for that and password. Hope this helps some.
Overlord5
New User
New User
 
Posts: 23
Joined: Mon Apr 05, 2010 10:56 pm
Blog: View Blog (0)


Re: How would I bypass a certain type of login?

Post by cen on Wed Apr 07, 2010 1:30 am
([msg=37827]see Re: How would I bypass a certain type of login?[/msg])

SQL injection has NOTHING to do with this, unless it's a 'fake' window.

This is a Windows permissions box. Goatboy is right, and considering he's a moderator - I'm amazed this thread isn't already in the graveyard.

Read the message - The answer is already directly in your face. Microsoft LITERALLY tells you how to bypass it.
Patience, research (in your case - LOTS of research) and possibly some creativity will provide results for you.

I would stop what you're doing before you get yourself into trouble. Honestly, you don't have enough experience, which almost certainly means you don't respect what you're attempting to do.

If you haven't figured it out yet - This is beyond you at this point without being a 'skiddie'.

Go read, then read some more. Get a job as an administrator, love and care for a network of your own that gets used by others on a daily basis - Realize how upset you'd be if someone then hacked and played with your hardware and destroyed hours of work that you put into your network. This obviously isn't your network, or you would just give yourself the permissions.

Don't get me wrong, I'm not trying to bash you - I'm not like that... But you clearly have much to learn, and HOW you ask questions makes a big difference, not to mention gives the rest of us in the scene a bad name. The answers you're searching for are even already on this site as well as many others.

Deductive reasoning tells me that you just want to download the solution though... In which case: You should read the DISCLAIMER @ the bottom of the page...

Otherwise: Are you up to the challenge?
User avatar
cen
Experienced User
Experienced User
 
Posts: 77
Joined: Mon Jun 30, 2008 1:06 pm
Blog: View Blog (0)


Re: How would I bypass a certain type of login?

Post by KiwiBird345 on Sat Apr 10, 2010 8:38 pm
([msg=38042]see Re: How would I bypass a certain type of login?[/msg])

I don't see how exactly this would be in the graveyard, It's not like I'm asking how I crack passwords for it. And if you don't have anything useful to say, don't post.
KiwiBird345
New User
New User
 
Posts: 3
Joined: Sun Apr 04, 2010 8:02 pm
Blog: View Blog (0)


Re: How would I bypass a certain type of login?

Post by orwell84 on Sat Apr 10, 2010 8:58 pm
([msg=38044]see Re: How would I bypass a certain type of login?[/msg])

KiwiBird345 wrote:I don't see how exactly this would be in the graveyard, It's not like I'm asking how I crack passwords for it.

With all due respect, it is a fairly specific question. That's what would make one tend to think that it might be illegal. I would suggest something along the lines of what cen said, but change one thing: make your own network, and then hack into it yourself. Seriously, if you are trying to break into someone else's network, at least have the common sense to try it on yourself first, and then see if you can detect it. Even better advice would be not to break into someone else's network. But I assume that you are not trying to in the first place.
An additional way to gain unauthorized access to this would be to sniff network traffic going to the server you're trying to get into. You could set up a network made of a server and two clients. One of the clients could send their credentials, and if the other was sniffing network traffic you could be able to capture the packets that were sent, and discern the password from those packets. The dialog does say that it's using an insecure method of transmission, which probably means that the credentials aren't encrypted.
Mens et manus.
User avatar
orwell84
Poster
Poster
 
Posts: 112
Joined: Fri Feb 20, 2009 8:20 pm
Blog: View Blog (0)


Re: How would I bypass a certain type of login?

Post by IncandescentLight on Sat Apr 10, 2010 9:21 pm
([msg=38046]see Re: How would I bypass a certain type of login?[/msg])

You could use WireShark if the packets aren't encoded when sent or Cain and Abel which will help you to crack the packets. The downside of this is that you have to wait for someone with the right credentials to login, and that may take awhile/never happen, depending on what kind of network you are breaking into.

Option 2 is like what GoatBoy said, find a vulnerability. Use NMap(or any type of port scanner), find what services it is running on and google the services along with their version number to find an exploit. Alternatively, you can search at http://www.milw0rm.com for those.
Speak softly and carry a big stick -Theodore Roosevelt

http://www.rhetoricalcatch.blogspot.com
User avatar
IncandescentLight
Poster
Poster
 
Posts: 216
Joined: Sun Apr 27, 2008 3:16 am
Blog: View Blog (0)


Re: How would I bypass a certain type of login?

Post by KiwiBird345 on Sun Apr 11, 2010 4:51 am
([msg=38095]see Re: How would I bypass a certain type of login?[/msg])

I'm not trying to break into anyone's network or do anything illegal. I don't see why anyone would assume so. It's for a website, when I click a certain link, that pops up. If I click cancel, it redirects me to another page. The black bars are covering a website name that my friend owns. It's not a network or anything like that.

I actually managed to get in for a bit, somehow, after looking around at the source of the page, but after a few more pages, it started popping up again
KiwiBird345
New User
New User
 
Posts: 3
Joined: Sun Apr 04, 2010 8:02 pm
Blog: View Blog (0)


Re: How would I bypass a certain type of login?

Post by sanddbox on Sun Apr 11, 2010 11:51 am
([msg=38107]see Re: How would I bypass a certain type of login?[/msg])

KiwiBird345 wrote:I'm not trying to break into anyone's network or do anything illegal. I don't see why anyone would assume so. It's for a website, when I click a certain link, that pops up. If I click cancel, it redirects me to another page. The black bars are covering a website name that my friend owns. It's not a network or anything like that.


....That would be hacking a website....
Image

HTS User Composition:
95% Male
4.98% Female
.01% Monica
.01% Goat
User avatar
sanddbox
Expert
Expert
 
Posts: 2337
Joined: Sat Jul 04, 2009 5:20 pm
Blog: View Blog (0)



Return to Web

Who is online

Users browsing this forum: No registered users and 0 guests