Extended Basic 7

Learn how to do code review

Re: Extended Basic 7

Post by Alanaeus on Mon Jul 06, 2009 10:07 pm

Grrrr.... Finally got it. I did get a chuckle out of the form name after some substitution. I didn't think it was just a random string of characters. ;)
Alanaeus
New User
Posts: 1
Joined: Thu Jul 02, 2009 8:06 pm
Location: The Aether


Re: Extended Basic 7

Post by Bv202 on Tue Sep 08, 2009 12:12 pm

I need some help with this one please.

I know perfectly what the error and security risk is and I know how to fix it, but I can't complete it; it just refreshes, so I guess it's wrong. I'm sure my answer is correct though.

What should the answer be? Should a special method be used to solve the security issue or something? As far as I know, that security risk can be solved in several ways.
Bv202
New User
Posts: 6
Joined: Sat Sep 13, 2008 11:08 am


Re: Extended Basic 7

Post by xatr0z on Tue Dec 01, 2009 9:53 am

Okay, I got the bug. I know what the vulnerability is, but I don't know what you want me to replace it with.
There are numerous ways of doing the same thing the script does... but without the vulnerability.
With: PHP (changing "it" into something else), PHP (putting something before and after "it"), JavaScript, or plain old HTML...

I kept everything in the same (upper/lower) case that the script does as well...

But so far I got nothing. Could someone please say which method I should focus on?

(Hope I didn't spoil anything; couldn't think of another way of putting it.)

EDIT: Okay, I got it. It was the first thing I came up with, but only a slightly easier version.
xatr0z
New User
Posts: 1
Joined: Mon Nov 30, 2009 6:30 pm


Re: Extended Basic 7

Post by alien_av on Sat Jan 02, 2010 7:46 am

I don't know if it's a stupid or obvious remark, but I couldn't finish this mission before I removed the ; at the end of the code I added.
alien_av
New User
Posts: 3
Joined: Tue Jun 10, 2008 5:36 pm


Re: Extended Basic 7

Post by h4ck3rz on Fri Jan 08, 2010 9:31 am

Help me!!!

I think I know both the bug and the vuln part, and I think I know how to fix the vuln. It uses the function html**e**a***a*s, right? If that's right, how do I fix the bug? Could I just change that superglobal array into another superglobal array (POST to GET perhaps)? I've already tried that, but that didn't work either. Or maybe the line I tried to fix is incorrect? Once again, help me!
h4ck3rz
New User
Posts: 11
Joined: Mon May 26, 2008 8:53 pm


Re: Extended Basic 7

Post by eljonto on Fri Jan 08, 2010 4:41 pm

h4ck3rz wrote:
Help me!!!

I think I know both the bug and the vuln part, and I think I know how to fix the vuln. It uses the function html**e**a***a*s, right? If that's right, how do I fix the bug? Could I just change that superglobal array into another superglobal array (POST to GET perhaps)? I've already tried that, but that didn't work either. Or maybe the line I tried to fix is incorrect? Once again, help me!


You only need to submit one line, i.e. the bug and the vuln are on the same line. You are correct with the h**********s bit, so you know what line the bug is on. You've noticed the inconsistency of the form methods; which one do you think you have to change?
-Quis custodiet ipsos custodes?, Juvenal
eljonto
Poster
Posts: 373
Joined: Thu Apr 17, 2008 1:16 am
Location: Australia
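To make the "one line carries both the bug and the vuln" point concrete, here is a constructed PHP fragment of the same shape. It is an added illustration written for this thread, not the mission's own script; the field name "comment", the handler functions and the sample submission are all assumptions, and request data is passed in as arrays so the two versions can be compared offline.

```php
<?php
// Constructed example (not the challenge's code): a form that submits with
// POST, a guard that checks $_POST, and one echo line that both reads the
// wrong superglobal and writes the value into HTML unencoded.

// BEFORE: the bug (reads $get although the form posts, so nothing is ever
// shown) and the vulnerability (no HTML encoding, so any markup in the
// field would be reflected into the page) sit on the same line.
function render_before(array $get, array $post): string {
    $html = '<form method="post"><input name="comment"><input type="submit"></form>';
    if (isset($post['comment'])) {
        $html .= '<p>You said: ' . ($get['comment'] ?? '') . '</p>';   // the one bad line
    }
    return $html;
}

// AFTER: only that line changes. Read from the array the form actually
// submits to, and HTML-encode before the value lands in markup. ENT_QUOTES
// also encodes single quotes; the charset argument must match the page's.
function render_after(array $get, array $post): string {
    $html = '<form method="post"><input name="comment"><input type="submit"></form>';
    if (isset($post['comment'])) {
        $html .= '<p>You said: '
               . htmlspecialchars($post['comment'], ENT_QUOTES, 'UTF-8') . '</p>';
    }
    return $html;
}

// Constructed submission that carries markup in the field.
$post = ['comment' => '<b>hi</b>'];

// Bug: the value never appears, because it was read from the wrong array.
echo render_before([], $post), "\n";
// Vuln: if the same value did arrive in the array being read, it would be
// emitted as live markup.
echo render_before($post, $post), "\n";
// Fixed: the browser shows the literal text &lt;b&gt;hi&lt;/b&gt; instead.
echo render_after([], $post), "\n";
```

Run it with the PHP CLI; the third line of output is the only one in which the submitted value is both displayed and inert.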


Re: Extended Basic 7

Post by h4ck3rz on Mon Jan 11, 2010 10:12 am

eljonto wrote:
You only need to submit one line, i.e. the bug and the vuln are on the same line. You are correct with the h**********s bit, so you know what line the bug is on. You've noticed the inconsistency of the form methods; which one do you think you have to change?


I still didn't get it. I think I have to change the one in the PHP script, but to do that I must change more than one line (I have to fix the IF part too, right?). But if I change the one in the form, I can't fix the vuln. And one more question: does the function have to be followed by any other parameters?
h4ck3rz
New User
Posts: 11
Joined: Mon May 26, 2008 8:53 pm


Re: Extended Basic 7

Post by shill on Mon Jan 11, 2010 2:52 pm

h4ck3rz wrote:
eljonto wrote:
You only need to submit one line, i.e. the bug and the vuln are on the same line. You are correct with the h**********s bit, so you know what line the bug is on. You've noticed the inconsistency of the form methods; which one do you think you have to change?


I still didn't get it. I think I have to change the one in the PHP script, but to do that I must change more than one line (I have to fix the IF part too, right?). But if I change the one in the form, I can't fix the vuln. And one more question: does the function have to be followed by any other parameters?


Think again. Only one line must be changed. That's a major hint. (If I give any more of a hint it'll probably be a spoiler, but I'm just going to strongly point out that the question is formulated correctly and only one line needs to be changed to fix the bug and the vuln.)
shill
New User
Posts: 10
Joined: Mon Jan 11, 2010 2:50 pm


Re: Extended Basic 7

Post by eljonto on Mon Jan 11, 2010 6:00 pm

We really couldn't have said it any simpler: you only change one line, and since there's only one occurrence of the inconsistency on the said line, which one do you have to change? I don't understand how you're still trying to change two occurrences of something on two lines to match one occurrence of something on the vuln line.
-Quis custodiet ipsos custodes?, Juvenal
eljonto
Poster
Posts: 373
Joined: Thu Apr 17, 2008 1:16 am
Location: Australia


Re: Extended Basic 7

Post by h4ck3rz on Mon Jan 11, 2010 9:46 pm

OMG!!! I know it now!

Just like I said before, from the very start I was trying to fix the wrong line! :cry: OMG!!! And then I read more about XSS, and the answer was right there in front of me! It's not too hard if you know the right line...
h4ck3rz
New User
Posts: 11
Joined: Mon May 26, 2008 8:53 pm

