Application 2

Learn to reverse engineer through some common application security methods.
Forum rules
DO NOT POST ANSWERS OR SPOILERS! [IE: Mission Links, Mission File Names/Pages, Scripts/Code, etc.]

Posting these will result in warnings/bans!

Re: Application 2

Post by Default6359 on Sun Mar 15, 2020 5:01 pm
([msg=101398]see Re: Application 2[/msg])

You should take a look at the http request sent by the app. The URI is http://hackthissite...... The app doesn't really check the serials from the txt. When you insert a serial and press "Authenticate" it receives code 301 (Moved Permanently) because the URI is in fact httpS://hackkthissite...... so it can't work like that.
Default6359
New User
New User
 
Posts: 5
Joined: Fri Nov 29, 2019 11:50 am
Blog: View Blog (0)


Re: Application 2

Post by Anngeluss on Sat Apr 11, 2020 10:39 am
([msg=102262]see Re: Application 2[/msg])

Hello my friends. Is this chalange is still working? Becouse i found bunch of strings of numbers, and tryed all of them, but still it said invalid sirial number. Any tips? Thank you :)
Anngeluss
New User
New User
 
Posts: 1
Joined: Thu Apr 09, 2020 7:59 am
Blog: View Blog (0)


Re: Application 2

Post by OutOfRange on Sun Aug 02, 2020 3:51 pm
([msg=107390]see Re: Application 2[/msg])

As application has updated, the application is fully functional now. But as the request it sends has changed I can not determine where the keys are stored. I even tried catching requests program sends and reproducing the same requests. But by browser that's not happening. "Hello Agent User, access by browser is forbidden!". Hints needed.

(Actually I know where serials are because I had tried and failed with the same serials now working, before the update. But I tried updated version as playing for the challenge from scratch.)

-- Fri Aug 07, 2020 1:15 pm --

Any one to PM at least???
OutOfRange
New User
New User
 
Posts: 5
Joined: Thu Dec 12, 2019 12:42 pm
Blog: View Blog (0)


Re: Application 2

Post by Default6359 on Sat Sep 12, 2020 7:41 am
([msg=107745]see Re: Application 2[/msg])

You could try to change the HOSTS file in windows to make the request point to localhost. Install Apache, for example, disable SSL and copy the serials file where it would be located on hackthissite.org.
Default6359
New User
New User
 
Posts: 5
Joined: Fri Nov 29, 2019 11:50 am
Blog: View Blog (0)


Previous

Return to Application

Who is online

Users browsing this forum: No registered users and 0 guests