Breach Password PHP thing

A place where newbies can post without (much) fear of reprisal. All mission posts should still go in the applicable forum.
Forum rules
Older HTS users: Be nice to the new people.

NEW USERS: This is NOT the place to post about missions! Refer to "Missions" category.

Breach Password PHP thing

Post by siolnangaidheal on Thu Nov 22, 2012 6:01 pm
([msg=71228]see Breach Password PHP thing[/msg])

Hi, Started learning this stuff for fun but got delayed by exams and crap.
To the point, I while playing the part of someone who knows what they are talking about with computers to get a favor from someone they asked me how secure their login page was. Stupidly I said not very.

This is it...

<html>
<head><title>Quick PHP Password Protection</title></head>
<body>
<center>
<h1>Quick PHP Password Protection</h1>
<span class="messages">Buddy, nice try, but wrong password or username. This is your attempt #3</span>
<div class="content">
<form action="login.php" method="POST">
<p>Username: <input type="username" name="username" value="" /></p>
<p>Password: <input type="password" name="password" value="" /></p>
<input type="submit" value="Login" name="submit" />
</form>
</div>
</center>
</body>
</html>

Not expecting much, I got myself into this but I'd appreciate if anyone could point out any obvious flaws or is it pretty secure?

Thanks
siolnangaidheal
New User
New User
 
Posts: 4
Joined: Thu Nov 22, 2012 5:53 pm
Blog: View Blog (0)


Re: Breach Password PHP thing

Post by WallShadow on Thu Nov 22, 2012 6:50 pm
([msg=71232]see Re: Breach Password PHP thing[/msg])

First off, welcome to HTS,

Second, just from the form that we see, there is very little that we can tell about it. We'd need to see the php script behind this in order to tell if there are significant weaknesses. You could try some SQLi, but he probably has that covered if he is already challenging you, unless he is retarded, in which case go ahead and try SQLi.

Oh, before I forget:

Disclaimer :
HackThisSite does not support illegal activities.
The management of this board is not responsible for the content of any external internet sites.

in case that wasn't clear enough yet.
User avatar
WallShadow
Contributor
Contributor
 
Posts: 612
Joined: Tue Mar 06, 2012 9:37 pm
Blog: View Blog (0)


Re: Breach Password PHP thing

Post by not_essence2 on Thu Nov 22, 2012 6:54 pm
([msg=71233]see Re: Breach Password PHP thing[/msg])

Well, he will have to give you more information. At least, a website containing this and a fully functional version, as in actual usernames and passwords exist. Hard to determine without. Make him give you a URL. Otherwise, you have to tell the guy to bug off unless he comes back with one, because like WallShadow said, it's hard to determine with just that. You can complain that this form is exactly all that you get in a real-life situation, but if you go through the missions, you'll see what we're talking about.
I don't know much except for what the missions on this site calls for. You might want to explore those first, and stall with your friend.
not_essence2
Poster
Poster
 
Posts: 189
Joined: Fri Sep 14, 2012 6:09 pm
Blog: View Blog (0)


Re: Breach Password PHP thing

Post by siolnangaidheal on Fri Nov 23, 2012 6:36 am
([msg=71245]see Re: Breach Password PHP thing[/msg])

Hi, thanks for the reply. I have got a URL but I was reluctant to post it on a hacker forum that I had no experience of. I tried SQLi but that failed, couldn't get an error.

If you could tell me where I could access the script I could post it here. I also asked my friend for the script but I think he's just going to laugh at me.

I think this is the same thing here: http://codecanyon.net/item/quick-php-password-protection-login-system/97808
siolnangaidheal
New User
New User
 
Posts: 4
Joined: Thu Nov 22, 2012 5:53 pm
Blog: View Blog (0)


Re: Breach Password PHP thing

Post by LoGiCaL__ on Fri Nov 23, 2012 10:07 am
([msg=71248]see Re: Breach Password PHP thing[/msg])

@OP. You're looking at the wrong page. Like WallShadow said, you need to look at the source of the script itself (login.php) to actually tell how secure it is. The script is server side so unless you can find some kind of vuln where you can view it expect to test it without being able to see the source.
User avatar
LoGiCaL__
Addict
Addict
 
Posts: 1063
Joined: Sun May 30, 2010 12:33 pm
Blog: View Blog (0)


Re: Breach Password PHP thing

Post by siolnangaidheal on Fri Nov 23, 2012 10:31 am
([msg=71249]see Re: Breach Password PHP thing[/msg])

LoGiCaL__ wrote:@OP. You're looking at the wrong page. Like WallShadow said, you need to look at the source of the script itself (login.php) to actually tell how secure it is. The script is server side so unless you can find some kind of vuln where you can view it expect to test it without being able to see the source.

That is login.php, I'm going to use a website crawler to look for webpages it could be on but I think it's hidden.
siolnangaidheal
New User
New User
 
Posts: 4
Joined: Thu Nov 22, 2012 5:53 pm
Blog: View Blog (0)


Re: Breach Password PHP thing

Post by LoGiCaL__ on Fri Nov 23, 2012 10:34 am
([msg=71250]see Re: Breach Password PHP thing[/msg])

Yeah, but it's not showing the php code which is how the login is actually performed.
User avatar
LoGiCaL__
Addict
Addict
 
Posts: 1063
Joined: Sun May 30, 2010 12:33 pm
Blog: View Blog (0)


Re: Breach Password PHP thing

Post by not_essence2 on Fri Nov 23, 2012 11:11 am
([msg=71253]see Re: Breach Password PHP thing[/msg])

Maybe we could do a table-based SQLi? (Using the UNION ALL to bring out the tables)
Or we could just make an account there ourselves, and XSS whoever we want to gain access to, steal the cookies and copy them in for ourselves?
not_essence2
Poster
Poster
 
Posts: 189
Joined: Fri Sep 14, 2012 6:09 pm
Blog: View Blog (0)


Re: Breach Password PHP thing

Post by LoGiCaL__ on Fri Nov 23, 2012 11:17 am
([msg=71254]see Re: Breach Password PHP thing[/msg])

You could always just download that pre-made login that was posted and create your own page and test it that way.
User avatar
LoGiCaL__
Addict
Addict
 
Posts: 1063
Joined: Sun May 30, 2010 12:33 pm
Blog: View Blog (0)


Re: Breach Password PHP thing

Post by siolnangaidheal on Fri Nov 23, 2012 12:00 pm
([msg=71255]see Re: Breach Password PHP thing[/msg])

So how would I use "UNION ALL" ?
siolnangaidheal
New User
New User
 
Posts: 4
Joined: Thu Nov 22, 2012 5:53 pm
Blog: View Blog (0)


Next

Return to NZone

Who is online

Users browsing this forum: No registered users and 0 guests