Please ask questions only in this topic.

Re: Please ask questions only in this topic.

Post by firextin87 on Fri Mar 21, 2014 9:30 am

Hi all...
OK, I solved this mission, but there is something not so clear to me: the final part of the mission. I don't understand why I need to use "that symbol" to retrieve the admin account. I tried to figure out the system; I think that the page m******r.c** uses a SQL query to retrieve the information, and I suppose this query is: SELECT * FROM [tab_name] WHERE username=[id], so if I use the parameter I used, the query would be: SELECT * FROM [tab_name] WHERE username=[the_symbol_I_used]. What I can't understand is why this query works with that symbol :(
I hope I explained, and please excuse me for my bad English.


Great Mission

Post by horrorshow1984 on Sat May 24, 2014 3:39 am

Thanks for this great challenge, that was so cool =)


Re: Please ask questions only in this topic.

Post by Zanna1x9x on Sun Aug 16, 2015 12:21 pm

I've completed this mission, but, like firextin87, I still don't understand why the use of "that symbol" lets me see the admin's data.
Is there someone I can PM to get some more information?


Re: Please ask questions only in this topic.

Post by muddassir on Fri Jan 01, 2016 4:06 pm

Hello Fellow Hackers,
I just fiddled through all the pages and after I came to the forum, the first post I read was about "poison null byte". How did you people even get the idea of utilizing this technique here? That's my question.


Re: Please ask questions only in this topic.

Post by h2athts on Wed Feb 24, 2016 3:02 pm

Hey all. For those of you who are stuck: forget trying to bypass the Perl check script in m********.**i, as it can give you a valid id but not the one you need. If you follow that path, just compare the script input with all the functions in itself and try them out until a positive match. All you need is in that Perl script.
After that, don't forget this might not be related to SQL and the script is taking other functions from another kind of database script that might be simple, like this symbol you use to get all possible names in queries.


Re: Please ask questions only in this topic.

Post by Faithe25 on Sun Mar 20, 2016 8:24 pm

Hey everyone,

I used the NULL byte to view the source of a specific CGI file. I wrote a simple Java program to determine the correct id, and was able to log in to that CGI file. I was able to find an admin username and password. However, when I log in using these credentials I see a page that says "...and of course... It's not that easy to beat this mission."

Could someone please point me in the right direction from here?

Also, I do not know Perl, so I may have missed a few things in those scripts.

Thanks for your help, everyone!


NVM: There were cookie issues....

