Please ask questions ONLY in this topic.

A little girl made a website to post poetry related to peace and understanding. American fascists have hacked this website, replacing it with Hitler-esque propaganda. Can you repair the website?

Re: Please ask questions ONLY in this topic.

Post by Granda on Tue Feb 18, 2014 1:34 am

Never mind, got it.


Re: Please ask questions ONLY in this topic.

Post by hedgehog777 on Tue Mar 11, 2014 1:41 pm

Very interesting challenge!! :)

But does this in fact work in the real world?? Would be frightening.... I could solve the challenge, but I'm still not sure how this actually works and how to prevent it. What is the point that makes that possible? Lack of restrictions? Would be nice if someone has a link about this or a precise answer without spoiling! :D

thx


Re: Please ask questions ONLY in this topic.

Post by cyberdrain on Tue Mar 11, 2014 4:48 pm

Yes, all of the Realistic exploits would work in the real world (hence 'Realistic') if the page is vulnerable, and yes, lack of restrictions can be the problem. To block most of these exploits, filtering works great. Just remove all characters that could be used to make the script do something you don't want, or only allow the characters A-Z, a-z and 0-9 (assuming 0x00 or h00 won't be read as hex). Only after you clean up the user input should it be used. I'm not sure I can say more without spoiling.
Free your mind / Think clearly


Re: Please ask questions ONLY in this topic.

Post by Adrasteia the Inescapable on Tue Mar 11, 2014 5:09 pm

hedgehog777 wrote: I'm still not sure...how to prevent it.

In general, you can remove the character sequences which would allow directory traversal from a user-entered filename before doing anything with it. There are other exploits that this won't block (such as poison null bytes), of course, but it covers a lot of them.


Re: Please ask questions ONLY in this topic.

Post by hedgehog777 on Wed Mar 12, 2014 4:35 am

Thank you for the answers!
Filtering these sequences makes absolute sense. I'll try to figure out how this could be done... still not good at web scripting. ^^


Re: Please ask questions ONLY in this topic.

Post by Adrasteia the Inescapable on Wed Mar 12, 2014 9:05 am

hedgehog777 wrote: I'll try to figure out how this could be done... still not good at web scripting. ^^

If you're using JavaScript to validate the information before sending it to the server, you could use the String.replace() method to replace the dangerous character sequences with underscores.
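A server-side take on the filtering idea discussed in the replies above, added here as an example and not code from the forum or the challenge: it allowlists the filename, rejects null bytes, and confirms the resolved path stays inside the served directory. Node.js, the `/var/www/poems` directory and the function names are assumptions.

```javascript
const path = require("path");

// Hypothetical directory holding the files visitors are allowed to read.
const POEM_DIR = "/var/www/poems";

// Allowlist: letters, digits, underscore, hyphen, plus one known extension.
const SAFE_NAME = /^[A-Za-z0-9_-]{1,64}\.(txt|html)$/;

// True only if candidate, once canonicalised, lies strictly below baseDir.
// Appending path.sep stops "/var/www/poems-old" from matching "/var/www/poems".
function isInside(baseDir, candidate) {
  const base = path.resolve(baseDir);
  const full = path.resolve(base, candidate);
  return full.startsWith(base + path.sep);
}

function resolvePoemPath(userInput, baseDir = POEM_DIR) {
  if (typeof userInput !== "string") {
    return { ok: false, reason: "not a string" };
  }
  // Reject NUL bytes outright (the "poison null byte" case).
  if (userInput.includes("\0")) {
    return { ok: false, reason: "null byte" };
  }
  // Accept only names matching the allowlist instead of deleting bad sequences.
  if (!SAFE_NAME.test(userInput)) {
    return { ok: false, reason: "name not allowed" };
  }
  // Defence in depth: still verify containment after canonicalisation.
  if (!isInside(baseDir, userInput)) {
    return { ok: false, reason: "outside base directory" };
  }
  return { ok: true, path: path.resolve(baseDir, userInput) };
}

// Constructed sample inputs, not taken from the challenge.
const SAMPLES = ["peace.txt", "../index.html", "/etc/passwd", "poem.txt\0.html", "poem.php"];

function checkSamples() {
  return SAMPLES.map((s) => resolvePoemPath(s).ok);
}

console.log(checkSamples());
```
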


Re: Please ask questions ONLY in this topic.

Post by encadyma on Mon Mar 31, 2014 1:04 pm

Hello, I have a question, and I hope I don't duplicate someone else's question or give any spoilers:

The question is, how did you get to the ***i**ex.**ml file in the real world? I've been wondering for a long time. Do you just enter it randomly in the address bar? Or what?

(Thanks)


Re: Please ask questions ONLY in this topic.

Post by cyberdrain on Mon Mar 31, 2014 6:50 pm

encadyma wrote: The question is, how did you get to the file in the real world?

Actually, I've come across an exploit just like this one in the real world. The exploit just used the technique that can be used here until you were certain to be in the root of the tree (if you know what I mean) and found its way from there. Of course, if you can't be certain to find the 'exact' path to take, for example because it's not the default, this can be automated to do it blindly, or find another exploit in the site to get more knowledge. Hence the fact that exploration before exploitation usually pays off.
Free your mind / Think clearly


Re: Please ask questions ONLY in this topic.

Post by Adrasteia the Inescapable on Tue Apr 01, 2014 1:53 pm

encadyma wrote: Hello, I have a question, and I hope I don't duplicate someone else's question or give any spoilers:

The question is, how did you get to the ***i**ex.**ml file in the real world? I've been wondering for a long time. Do you just enter it randomly in the address bar? Or what?

(Thanks)

View the source of the index page and look around for a bit.


Re: Please ask questions ONLY in this topic.

Post by ledixer on Sun Apr 20, 2014 2:37 am

I've submitted a p**m, but when I try to open it, it says "Not allowed weirdo".

