Page 30 of 35

Re: Please ask questions ONLY in this topic.

PostPosted: Wed Jul 25, 2012 4:01 pm
by dm79
Enjoyed myself completing this mission. Found it to be more of a challenge and took me some time to do so (4 hours or so).
In reading some posts on what techniques or applications to use I can say that I only used IE and it's developers tool (F12). From there I created a script that completes 2 of the steps in the mission automatically when run from the console in that tool. I know that geek fundamentalist don't like my choice for these tools but just want to give a pointer for those who make it to complicated in thinking it requires specific tools.
PS. Find it amusing that money can buy anything as it even holds true at HTS as the rich do not need to comply to the standard 10 char limit that is required for the commoner.

Confusion of goals and perfection of means seems, in my opinion, to characterize our age.
Albert Einstein

Re: Please ask questions ONLY in this topic.

PostPosted: Fri Aug 10, 2012 1:17 pm
by Sl1ck_x
From what I can tell, there is two different ways to solve this mission. You can what dm79 did and use javascript injections to solve this. Or you can take an easier way so you don't have to worry about syntax errors. I did this mission using firebug in FF for both the transfer of money and clearing of files. The only time I used an sql injection was for getting the usernames, after that it was all firebug.

Just a hint for anyone else who comes along trying to finish this mission...

Nudge in the Right Direction

PostPosted: Sat Aug 25, 2012 9:03 pm
by justforfunn
I never mean to spoil, so if this is cutting it close, by all means, edit/remove it.

Based on the objective, it should be apparent to you at this stage that there is going to be a back-end database that is allowing you to retrieve information, as well as hold account information, balance, etc. So, as all we've seen so far is SQL, its not a bad guess to start there, as in injection.

Think logically. Identify attack vectors/vulnerable functions. Privilege escalation is never going to hurt you. Don't say no to a handout. Think about what commands would need to be issued in order to achieve each objective, and where you can take advantage of the queries in forms/urls to inject something useful.

You're going to need information for starters. For those of you who are just getting your feet wet with SQL, try to visualize the table in your mind. The table name, the column names, rows, different entries, etc. In order to retrieve an item, you must ask for it with specific parameters. In other words, you must input arguments that collectively will be TRUE for the information you're looking for. Riddle me this, how can you make sure the query will be TRUE for ALL the entries? Great way to harvest valuable info, and I've used it successfully for the third time now on these missions. It's nice and compact too, making it more versatile (think character limitations). Worked for me as a password, once upon a time. Just trying to make you think. Good luck.


Oh, and as far as namedropping tools (poster before me lol), Firefox addons are plentiful. Most wont help you in this regard, but I will say that I do have Firebug as well and have YET TO USE IT on ANY of the missions Ive completed, thanks to a handful of little tools from Mozilla's add-on department that have been very handy in this enterprise ;)

Re: Please ask questions ONLY in this topic.

PostPosted: Fri Oct 05, 2012 12:41 am
by justwilliambrown
Can someone please help. No idea what i am doing wrong. How do i locate the list of users. I used firebug to view the source code quickly, but couldn't find it in the search users place. Please help.

Re: Please ask questions ONLY in this topic.

PostPosted: Tue Oct 09, 2012 11:49 am
by krisby174
Code: Select all
You have the right idea, but you need to transfer the money to dropCash

any idea :?:

Re: Please ask questions ONLY in this topic.

PostPosted: Mon Dec 03, 2012 9:10 am
by EcceGratum
Please help me in clearing the traces.
I have tried modifying the value of the **r parameter for the clear button in every possible way. *oo***s not involved in this, as far as i can see. What else could I look at?

Re: Please ask questions ONLY in this topic.

PostPosted: Tue Dec 11, 2012 12:54 am
by cjbrowne
Just attempting this one now, and I've got a good idea of what I'll need to do but I'm encountering an Error 500 whenever I try to do something with the database (i.e. search a username) through the web forms - is this normal or is something broken that will prevent me from completing the challenge?

Re: Please ask questions ONLY in this topic.

PostPosted: Wed Dec 12, 2012 12:49 pm
by limdis
*fixed* try again, sorry about the inconvenience

Re: Please ask questions ONLY in this topic.

PostPosted: Thu Feb 21, 2013 11:40 pm
by turtlekoala
Senegra wrote:Hi,

I'm new to HTS and i think it's great.

Just wanted to give a little hint to all inexperienced sql users. If you query a table and you don't use an order by clause, it will return your tupples by insert order. So if Mr Hunter was registered before we all started to mess around with the database, he will be amongst the first users that appear... hope i don't spoil it for anyone.


This isn't necessarily true. If there is no ORDER BY clause, then the order that the records are returned in is officially undefined. In practice, if there are no JOINs, then they will often be returned in the order that they are read from memory, but this behavior is not guaranteed.

Re: Please ask questions ONLY in this topic.

PostPosted: Sun Mar 10, 2013 2:18 pm
by linkgoron
Is the mission working correctly?

I'm not sure what the spoiler policy is, so I'm sorry if I'm saying something that's not allowed.

Anyway, I've tried every SQL statement that I could think of, the best I got were 5 usernames that start with zeros.
Am I missing something?