Please ask questions ONLY in this topic.

Re: Please ask questions ONLY in this topic.

Post by Tenth_Prime on Mon Oct 13, 2008 1:57 am
([msg=13628]see Re: Please ask questions ONLY in this topic.[/msg])

Theist17 wrote:
Tenth_Prime wrote:ok, so i forced the interweb to think i was some stupid rich guy, then i gave away some money, got a new cookie for that (always good to get cookies when you do things)<br><br>but now i don't have the slightest idea as to how i clear the logfiles... am i supposed to give the interweb a cookie? and if so, what kind of cookie?


Think about what your buttons are doing when you press them.

EDIT: Also, remember basic 1? Yeah. Time to pass that test again.


what buttons, and i see what you mean about the idiot test, i see what i should be looking for there... but as to how i do what i need to...
Binary - It's Digitalicious! - http://www.nickciske.com

I thought the code ended in a zero...

I am the α
and I am the Ω
Tenth_Prime
Experienced User
Experienced User
 
Posts: 50
Joined: Sat Aug 09, 2008 5:20 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by kensaggy on Sun Oct 19, 2008 10:19 am
([msg=13903]see Re: Please ask questions ONLY in this topic.[/msg])

i can't figure out how to exploit the "Clear Data" button to clear all the logs..

can anyone send me off in the right direction?

Thanks.

Edit: Never mind - Should have read the instructions better :-) Got it. Thanks anyway.
kensaggy
New User
New User
 
Posts: 1
Joined: Sun Oct 19, 2008 10:15 am
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by str33ts0ld13r on Sun Nov 02, 2008 6:48 pm
([msg=14396]see Re: Please ask questions ONLY in this topic.[/msg])

the last part is so so so simple. once again i was over complicating things. a hint for all you still stuck all you need is to do exactly what the mission statement said clear the "logFiles" . remember think simple.
str33ts0ld13r
New User
New User
 
Posts: 5
Joined: Thu Sep 25, 2008 6:53 pm
Blog: View Blog (0)


bug or something ?

Post by zasmoker on Thu Nov 06, 2008 6:39 am
([msg=14557]see bug or something ?[/msg])

javascript:void([CENSORED]<input type=hidden name=TO value=dropCash >[CENSORED])

this is what i get

"You have the right idea, but you need to transfer the money to dropCash"

Where`s the mistake, i`m pretty sure its correct.

Ps : you don`t need passwords, after you found the username just use javascript to the end :P
zasmoker
New User
New User
 
Posts: 4
Joined: Wed Nov 05, 2008 4:11 am
Blog: View Blog (0)


Security with the actual test itself?

Post by littlecog on Thu Nov 06, 2008 5:47 pm
([msg=14577]see Security with the actual test itself?[/msg])

I'll try not to give away any spoilers, but I'm a touch worried about the security of the actual test itself.

if you do a SQL injection on the user search form you get a list of all the registered users. Including all the would be hackers and users. What worries me is that new hackers may put in genuine passwords, or XSS hacks that would effect the visitor etc etc.

I reckon the test itself should be rewritten to just use session data to store "new registrations" (ie the would-be-hacker)
littlecog
New User
New User
 
Posts: 2
Joined: Thu Nov 06, 2008 5:35 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by fourthdimension on Fri Nov 07, 2008 1:42 am
([msg=14596]see Re: Please ask questions ONLY in this topic.[/msg])

Wow... this was the easiest mission yet! Just exploiting the lack of server side verification. It took only 5 minutes to find the three things I needed to do/change.
fourthdimension
New User
New User
 
Posts: 1
Joined: Sat May 24, 2008 7:22 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by wake_up on Fri Nov 07, 2008 9:26 am
([msg=14604]see Re: Please ask questions ONLY in this topic.[/msg])

OK!
I know what to do but when i try to transfer the money to dropCash it gives me :
You have the right idea, but you need to transfer the money to dropCash
What is happening?
wake_up
New User
New User
 
Posts: 1
Joined: Fri Nov 07, 2008 9:21 am
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by Sentient 6 on Mon Nov 10, 2008 11:42 pm
([msg=14792]see Re: Please ask questions ONLY in this topic.[/msg])

wake_up wrote:OK!
I know what to do but when i try to transfer the money to dropCash it gives me :
You have the right idea, but you need to transfer the money to dropCash
What is happening?


Make sure you're putting the correct amount of money into the correct form and make sure you're only using numerical characters, other wise it will give you that error message.
Sentient 6
New User
New User
 
Posts: 3
Joined: Mon Nov 10, 2008 11:40 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by Kakarot7 on Wed Nov 12, 2008 1:49 pm
([msg=14871]see Re: Please ask questions ONLY in this topic.[/msg])

Thats the same answer i see throughout this whole thrad. I have the same problem too.

I think we are pretty sure we are typing the right bloody values.

So... can anybody REALLY explain why it continues to say "you need to transfer the money to dropCash"

Thanks in advance,
Kakarot7
New User
New User
 
Posts: 1
Joined: Wed Nov 12, 2008 9:58 am
Blog: View Blog (0)


Who's the right Gary Hunter

Post by scorpio_ctza on Mon Nov 17, 2008 3:33 pm
([msg=15144]see Who's the right Gary Hunter[/msg])

I used a sql injection to retrieve 6802 usernames and descriptions. How do I determine which is the one I want? Is this the right info I have retrieved?

Where do I go from here?
scorpio_ctza
New User
New User
 
Posts: 5
Joined: Sun Nov 16, 2008 1:45 am
Blog: View Blog (0)


PreviousNext

Return to (Real 8) United Banks Of America

Who is online

Users browsing this forum: No registered users and 0 guests