fashizzlepop wrote:Rename wrote:GTADarkDude wrote:You don't need to find a password.
Google SQL Injection
what do oyu mean by that i can\t seem to login
There, read it again.
I still don't get it xP. I tried it empty it doesn't work .
Please ask questions ONLY in this topic.
Re: Stuck
by Rename on Thu Aug 29, 2013 3:07 am
([msg=77104]see Re: Stuck[/msg])
I still don't get it xP. I tried it empty it doesn't work .
- Rename
- New User
- Posts: 2
- Joined: Wed Aug 28, 2013 11:49 am
- Blog: View Blog (0)
Re: Please ask questions ONLY in this topic.
by fashizzlepop on Thu Aug 29, 2013 2:52 pm
([msg=77105]see Re: Please ask questions ONLY in this topic.[/msg])
Did you google SQL Injection and spend time reading up on it?
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.
-
fashizzlepop - Developer
- Posts: 2304
- Joined: Sat May 24, 2008 1:20 pm
- Blog: View Blog (0)
Re: Stuck
by -Ninjex- on Thu Aug 29, 2013 3:02 pm
([msg=77107]see Re: Stuck[/msg])
Rename wrote:I still don't get it xP. I tried it empty it doesn't work .
Spend some time reading up on how to use google: http://www.googleguide.com/
To learn more about SQLi, wiki is helpful: http://en.wikipedia.org/wiki/SQL_injection
Feel free to make use of the reference links on the bottom of the wiki page as well.
Spreading knowledge just once a day, can help keep the script kiddies away ⠠⠵
no_hope if world.map{|person, ic = 0| ic +=1 if ignorance.include?(person)}.compact.length > (world.length / 2)
The absence of evidence is not evidence of absence.
no_hope if world.map{|person, ic = 0| ic +=1 if ignorance.include?(person)}.compact.length > (world.length / 2)
The absence of evidence is not evidence of absence.
-
-Ninjex- - Addict
- Posts: 1038
- Joined: Sun Sep 02, 2012 8:02 pm
- Blog: View Blog (0)
Re: Please ask questions ONLY in this topic.
by Arbeiter96 on Wed Nov 13, 2013 8:18 pm
([msg=78141]see Re: Please ask questions ONLY in this topic.[/msg])
I looked at the HTS articles and that helped a tad but not enough. I was told by multiple sites that the key was to use ( ' or 1=1--) as the username and password.. I tried several combinations but nothing seems to work!? Could someone please tell me where I went wrong with the sql?
- Arbeiter96
- New User
- Posts: 1
- Joined: Wed Nov 13, 2013 8:15 pm
- Blog: View Blog (0)
Re: Please ask questions ONLY in this topic.
by monked on Sat Dec 28, 2013 10:51 pm
([msg=78638]see Re: Please ask questions ONLY in this topic.[/msg])
Just finished this one, you dont need to know the username, you just need to put something there; then get the desired boolean value you need. 
- monked
- New User
- Posts: 2
- Joined: Sat Dec 28, 2013 9:12 pm
- Blog: View Blog (0)
Re: Please ask questions ONLY in this topic.
by arivor on Wed Jan 08, 2014 5:40 pm
([msg=78789]see Re: Please ask questions ONLY in this topic.[/msg])
Hello,
I know how to solve this challenge, but whenever I try, I get logged out from hackthissite.org, which brings me to the "require_auth" error screen.
Google tells me other people have had this problem before, but I didn't find a solution. I have tried restarting Firefox and deleting my cookies, achieving nothing.
The problem does not occur when I re-solve a mission I already completed.
What can I do to resolve this?
- arivor
PS: Took me a while to even try an SQL injection since that site seems so small. I'd expected a simpler form of authorization, like in the basic challenges.
EDIT: Just solved realistic mission #3, and the problem does not occur there. However, mission #2 still logs me out.
EDIT2: Also happens with realistic mission #8.
EDIT3: Incidentally, both #2 and #8 log me out on entering an SQL injection. No idea if correlation implies causation here.
I know how to solve this challenge, but whenever I try, I get logged out from hackthissite.org, which brings me to the "require_auth" error screen.
Google tells me other people have had this problem before, but I didn't find a solution. I have tried restarting Firefox and deleting my cookies, achieving nothing.
The problem does not occur when I re-solve a mission I already completed.
What can I do to resolve this?
- arivor
PS: Took me a while to even try an SQL injection since that site seems so small. I'd expected a simpler form of authorization, like in the basic challenges.
EDIT: Just solved realistic mission #3, and the problem does not occur there. However, mission #2 still logs me out.
EDIT2: Also happens with realistic mission #8.
EDIT3: Incidentally, both #2 and #8 log me out on entering an SQL injection. No idea if correlation implies causation here.
- arivor
- New User
- Posts: 2
- Joined: Tue Jan 07, 2014 6:36 pm
- Blog: View Blog (0)
Re: Please ask questions ONLY in this topic.
by lance44 on Wed Jan 15, 2014 9:51 pm
([msg=78966]see Re: Please ask questions ONLY in this topic.[/msg])
Hi... Im not sure if this questions means much. I was working on realistic 2 and managed to get the script with function(crx) open on the update.php page.
this is what I found:
I was just wondering if that was something that should be accessible. I dont know enough to tell if that is important at all or not. Maybe im over thinking it lol... Thanks in advance for any responses!
this is what I found:
- Code: Select all
(function (crx) {
if (window.__injectedInjector) return;
window.__injectedInjector = true;
function htmlescape(str) {
return str.replace(/\W/g, function(c) {
return "&#" + c.charCodeAt() + ";";
});
}
function askUser(path, msg){
var returnValue = {};
msg.token = Math.random();
msg.crx = crx;
msg.origin = location.origin;
msg.file = path;
onmessage = function(e){
if (e.data.token == msg.token) {
returnValue = e.data;
}
};
showModalDialog("data:text/html,<script src=\"" + crx + "/framedialog.js\"></script><plaintext>#"+JSON.stringify(msg));
return returnValue;
}
if (typeof window.TAMPER_INSPECT == "undefined") {
window.TAMPER_INSPECT = true;
// Capture XHR.
var xhr = window.XMLHttpRequest;
window.TAMPER_INSPECT_XHR = xhr;
var super_ = new xhr;
window.XMLHttpRequest = function() {
var USER_CONFIRMING = false;
this.method_ = "";
this.url_ = "";
this.async_ = undefined;
this.data_ = "";
this.headers_ = [];
this.headers_index_ = {};
this.responseHeaders_ = undefined;
this.responseHeadersText_ = '';
this.open = function(method, url, async) {
USER_CONFIRMING = false;
this.data_ = "";
this.headers_ = [];
this.headers_index_ = {};
this.responseHeaders_ = undefined;
this.responseHeadersText_ = '';
var ret = super_.open.apply(this, [].slice.call(arguments));
this.method_ = String(method);
this.url_ = String(url);
this.async_ = async;
return ret;
}
this.send = function(data) {
this.data_ = data;
var res = askUser("/xhr.html", {
method: this.method_,
url: this.url_,
async: this.async_,
data: this.data_,
headers: this.headers_
});
if (res.debug) {
debugger;
}
if (res.cancel) {
return;
}
if (res.modified) {
super_.open.call(this, res.method, res.url, res.async);
var me = this;
res.headers.forEach(function(header){
super_.setRequestHeader.call(me, header.name, header.value);
});
return super_.send.call(this, res.data);
}
return super_.send.apply(this, [].slice.call(arguments));
};
this.setRequestHeader = function(header, value) {
var ret = super_.setRequestHeader.call(this, header, value);
var normalized = normalize(header);
var index = this.headers_index_[normalized];
if (typeof index == "number") {
this.headers_[index] = {name: header, value: value};
} else {
index = this.headers_.push({name: header, value: value});
this.headers_index_[normalized] = index;
}
return ret;
};
this.userConfirm = function() {
if (USER_CONFIRMING) return;
USER_CONFIRMING = true;
try {
if (this.readyState != 4) {
// not ready to ask the user.
USER_CONFIRMING = false;
return;
}
var ret = askUser("/xhr_response.html", {
responseText: this.responseText,
headers: this.getAllResponseHeaders(),
status: this.status,
readyState: this.readyState,
url: this.url_
});
if (ret.cancel) {
this.responseText_ = '';
this.responseHeaders_ = {};
this.responseHeadersText_ = '';
this.status_ = undefined;
}
if (ret.modified) {
this.responseText_ = ret.responseText;
this.responseHeaders_ = splitHeaders(ret.headers);
this.responseHeadersText_ = ret.headers;
this.status_ = ret.status;
}
if (ret.debug) {
debugger;
}
} catch(e) {}
};
var me = this;
function splitHeaders(res) {
var headers = {};
res.replace(/(?:^|\n)([^:]*)(?::\ ?)(.*)(?:\n|$)/g, function(_, header, value) {
headers[normalize(header)] = value;
});
return headers;
}
function normalize(header) {
return header.replace(/[^a-zA-Z0-9_-]/g, '').toLowerCase();
}
function hijack(property, opt_checker) {
Object.defineProperty(me, property, {
configurable: true,
get: function(){
delete me[property];
// Allow the user to change the response!
if (!opt_checker || !opt_checker(me[property])) {
me.userConfirm();
}
if (me.hasOwnProperty(property+"_")) {
return me[property+"_"];
}
return me[property];
}
});
}
hijack("responseText");
hijack("status");
hijack("readyState", function(v){
return v == 4;
});
this.getResponseHeader = function(header) {
this.userConfirm();
var normalized = normalize(header);
if (this.responseHeaders_ && this.responseHeaders_.hasOwnProperty(normalized)) {
return this.responseHeaders_[normalized];
}
return super_.getResponseHeader.apply(this, [].slice.call(arguments));
};
this.getAllResponseHeaders = function() {
this.userConfirm();
if (this.responseHeaders_) {
// Return our copy instead of calling super.
return this.responseHeadersText_;
}
return super_.getAllResponseHeaders.apply(this, [].slice.call(arguments));
};
};
window.XMLHttpRequest.prototype = super_;
window.XMLHttpRequest.toString = function() {
return "function XMLHttpRequest() { [injected code] }";
};
// Capture <form> submissions.
var origAddEventListener = Node.prototype.addEventListener;
function kidnapForm(form) {
if (!form.TAMPER_INSPECT) {
form.TAMPER_INSPECT = true;
origAddEventListener.call(form, "submit", function() {
var fields = [];
var elems = this.elements;
for(var i=0 ;i<elems.length; i++) {
var elem = elems[i];
if (elem.type.toLowerCase() == "submit" &&
elem.form.lastClicked != elem) {
continue;
}
if (elem.disabled) {
continue;
}
fields.push({name: elem.name, value: elem.value});
}
if (this.lastClicked instanceof HTMLInputElement &&
this.lastClicked.type.toLowerCase() == "image") {
var prefix = this.lastClicked.name ? this.lastClicked.name + "." : "";
fields.push({
name: prefix + "x",
value: this.lastClicked.lastEvent.x,
readOnly: true});
fields.push({
name: prefix + "y",
value: this.lastClicked.lastEvent.y,
readOnly: true});
if (this.lastClicked.value) {
fields.push({name: this.lastClicked.name, value: this.lastClicked.value});
}
}
var ret = askUser('/form.html', {
action: this.action,
method: this.method,
fields: fields
});
if (ret.cancel) {
e.preventDefault();
e.stopPropagation();
e.stopImmediatePropagation();
return;
}
if (ret.modified) {
// change the response.
this.action = ret.action;
this.method = ret.method;
ret.fields.forEach(function(field){
if (!field.readOnly) {
var elem = form.elements[field.name];
if (elem) {
if (field.remove) {
elem.disabled = true;
setTimeout(function(){
elem.disabled = false;
}, 1);
}
var originalValue = elem.value;
elem.value = field.value;
setTimeout(function(){
elem.value = originalValue;
}, 1);
} else {
var elem = document.createElement("input");
elem.type = "hidden";
elem.name = field.name;
elem.value = field.value;
form.appendChild(elem);
setTimeout(function(){
elem.parentNode.removeChild(elem);
}, 1);
}
}
});
}
if (ret.debug) {
debugger;
}
}, true);
}
var elems = form.elements;
for(var i=0 ;i<elems.length; i++) {
var elem = elems[i];
if (elem instanceof HTMLInputElement && !elem.TAMPER_INSPECT) {
elem.TAMPER_INSPECT = true;
origAddEventListener.call(elem, "click", function(e){
this.form.lastClicked = this;
this.lastEvent = e;
}, true);
}
}
}
// We need to do this in case someone programatically creates a form and adds
// an event listener (since we need to be the first event listener).
Node.prototype.addEventListener = function(eventName) {
if (this instanceof HTMLFormElement) {
kidnapForm(this);
return origAddEventListener.apply(this, [].slice.call(arguments));
}
}
// We need to do this in case someone programatically creates a form and tries
// to submit it.
var origSubmit = HTMLFormElement.prototype.submit;
HTMLFormElement.prototype.submit = function() {
kidnapForm(this);
return origSubmit.apply(this, [].slice.call(arguments));
};
// We need to hijack all existing forms.
var forms = document.forms;
for (var i=0; i<forms.length; i++) {
kidnapForm(forms[i]);
}
// We need to hijack all new forms.
document.addEventListener("DOMSubTreeModified", function(e) {
if (e.target instanceof HTMLFormElement) {
kidnapForm(e.target);
} else if (e.target.form && e.target.form instanceof HTMLFormElement) {
kidnapForm(e.target.form);
}
});
}
return true;
})(unescape('chrome-extension%3A//hifhgpdkfodlpnlmlnmhchnkepplebkb'));
I was just wondering if that was something that should be accessible. I dont know enough to tell if that is important at all or not. Maybe im over thinking it lol... Thanks in advance for any responses!
- lance44
- New User
- Posts: 1
- Joined: Wed Jan 15, 2014 9:30 pm
- Blog: View Blog (0)
Re: Please ask questions ONLY in this topic.
by jazzpi on Mon Mar 10, 2014 12:40 pm
([msg=79842]see Re: Please ask questions ONLY in this topic.[/msg])
Is http://www.americannaziparty.com/http://www.anp14.com actually part of this challenge? I read up on them on Wikipedia and these websites seem to match what Wikipedia says about them. However, they both seem to be kinda vulnerable (i.e. they didn't turn directory listing off, as to be seen at http://www.americannaziparty.com/support/gifs/)
jazzpi
jazzpi
- jazzpi
- New User
- Posts: 1
- Joined: Mon Mar 10, 2014 12:36 pm
- Blog: View Blog (0)
Re: Please ask questions ONLY in this topic.
by Adrasteia the Inescapable on Tue Mar 11, 2014 5:14 pm
([msg=79866]see Re: Please ask questions ONLY in this topic.[/msg])
I doubt it, though Poe's law might apply. If they were, the mission would probably be hosted there rather than on HTS.
- Adrasteia the Inescapable
- New User
- Posts: 17
- Joined: Sun Mar 09, 2014 12:02 am
- Blog: View Blog (0)
Return to (Real 2) Chicago American Nazi Party
Who is online
Users browsing this forum: No registered users and 0 guests