Please ask questions ONLY in this topic.

Your friend is being cheated out of hundreds of dollars. Help him make things even again!

Re: Please ask questions ONLY in this topic.

Post by turtlekoala on Wed Feb 20, 2013 11:45 pm
([msg=73926]see Re: Please ask questions ONLY in this topic.[/msg])

I haven't read this entire forum, but from what I read people are talking a lot about using addons or creating local versions of things. If you are having trouble, my advice is to learn what the $_GET variable is actually doing. If you really understand it, then this is very easy.
turtlekoala
New User
New User
 
Posts: 4
Joined: Wed Feb 20, 2013 12:32 am
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by Valkyrie920 on Sat Feb 23, 2013 9:55 pm
([msg=74056]see Re: Please ask questions ONLY in this topic.[/msg])

Hi all, I have just completed this mission and would like to offer advice to all those who still may be working on it. This mission is simple, super-simple (especially with tools like Firebug), so try not to be too fancy and over think it like I did for the last hour and a half. You have to edit a single value, large enough to propel your band to the number #1 spot. How would you go about doing that? Know what the $_GET method actually does, and make sure that you're editing the correct value; you're reasoning may be spot on but you might ending changing the wrong thing. Finally, have fun with it. There are multiple ways to solve this problem; if you end up smashing your monitor, you're doing wrong.

Good Luck!
Valkyrie920
New User
New User
 
Posts: 1
Joined: Sat Feb 23, 2013 9:48 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by katsi on Wed Mar 13, 2013 2:03 pm
([msg=74497]see Re: Please ask questions ONLY in this topic.[/msg])

Nice post . . .
katsi
New User
New User
 
Posts: 2
Joined: Wed Mar 13, 2013 1:55 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by ghest1138 on Sat Apr 06, 2013 6:10 pm
([msg=74971]see Re: Please ask questions ONLY in this topic.[/msg])

The id doesn't matter in this one... Also, when changing the score to something ridiculous, know the difference between the value it sends to the script, and the on-screen text. Changing the text does nothing!
ghest1138
New User
New User
 
Posts: 3
Joined: Sat Apr 06, 2013 3:00 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by 4lm45 on Mon Apr 22, 2013 5:52 am
([msg=75284]see Re: Please ask questions ONLY in this topic.[/msg])

?
4lm45
New User
New User
 
Posts: 1
Joined: Mon Apr 22, 2013 5:46 am
Blog: View Blog (0)


owasp?

Post by Strat0s on Fri May 10, 2013 10:27 am
([msg=75526]see owasp?[/msg])

Is this legal too use tools like OWASP to figure out more info on the site etc?
Just dont wanna do something ilegal, but at the same time learn. :p
Strat0s
New User
New User
 
Posts: 2
Joined: Fri May 10, 2013 10:21 am
Blog: View Blog (0)


Re: owasp?

Post by sordidarchetype on Fri May 10, 2013 11:04 am
([msg=75527]see Re: owasp?[/msg])

Strat0s wrote:Is this legal too use tools like OWASP to figure out more info on the site etc?
Just dont wanna do something ilegal, but at the same time learn. :p


That's going to depend on what exactly you are doing with it, and what the laws are n your area.
However, if you are going to be performing questionable analysis on machines anyway, it is recommended that you get written consent from the site owners first. This will stay any legal concerns you may have about using those tools.
User avatar
sordidarchetype
New User
New User
 
Posts: 47
Joined: Wed Dec 22, 2010 12:46 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by limdis on Fri May 10, 2013 11:11 am
([msg=75528]see Re: Please ask questions ONLY in this topic.[/msg])

Strat0s wrote:Is this legal too use tools like OWASP to figure out more info on the site etc?<br>Just dont wanna do something ilegal, but at the same time learn. :p


For any other site than HTS sordidarchetype is correct. However, HTS is a little bit different and we encourage you to find security holes. We just ask that you do not DDoS the site.
More info here
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."
User avatar
limdis
Moderator
Moderator
 
Posts: 1423
Joined: Mon Jun 28, 2010 5:45 pm
Blog: View Blog (0)


Owsap

Post by Strat0s on Fri May 10, 2013 12:21 pm
([msg=75531]see Owsap[/msg])

I would like to admit i hit run on owasp on youre site but i this was a act off a milisecond stupidity on my behalf.
Running a tool i have little and no knowledge about. I would also like to note i instantly hit stop, (when my brain actually started working...) lol.. Im deeply sorry if i did anything against the rules, and il from now on stick to more basic stuff. Atleast until i get more of a understandthing of wtf im actually doing.

This was OFC before i asked. And i asked because i got shit scared tbh, cuz i really wasent looking for anything but stuff from the realistic mission site and a way to complete that. But i was soon to discover that this owasp thing wasent really meant just for that and i got shitscared and instantly pressed stop.

I think i learned that i shouldent be even touching stuff i have no idea what is doing...
Once again to all admins and everything if i caused any disturbance by doing this 1 sec owasp thingy please let me know so i can compansate or fix up my mistake.... (sorry for spammin the question topic with this)

Im gonna stick to programing from now on.... LOL :D
Strat0s
New User
New User
 
Posts: 2
Joined: Fri May 10, 2013 10:21 am
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by brutal_hacker on Fri May 10, 2013 1:30 pm
([msg=75532]see Re: Please ask questions ONLY in this topic.[/msg])

Funny how people have little knowledge over what you can and cant do on a website. Anything intrusive is a no no a big no no even exploiting sql...

There are plenty of programs on backtrack and Kali but these are designed to be run in a pen test environment on sites/systems you have written permission to use. Hense why we all get VPN's, tor, bounce off proxy (well not all, but a fair few).
brutal_hacker
Experienced User
Experienced User
 
Posts: 58
Joined: Fri Apr 19, 2013 1:03 pm
Blog: View Blog (0)


PreviousNext

Return to (Real 1) Uncle Arnold's Local Band Review

Who is online

Users browsing this forum: No registered users and 0 guests