A question about forms, help would be appreciated.

Discuss the many weaknesses of browser security and ways to mitigate the threat

A question about forms, help would be appreciated.

Post by CrackTheSky on Mon Jun 22, 2009 3:23 pm
([msg=25759]see A question about forms, help would be appreciated.[/msg])

Okay, so, I just copied the full source for the login box on a website typically used by my brother.
I pasted it in a Notepad document and did the little "Save as .html" thing.
And the forms work exactly how they should and everything runs smoothly.
I'm excited I've discovered a way to access this website easier and quicker, but I would like to try something else.

For a prank, and astonishment purposes only.
I don't plan on doing anything malicious with this, though I'm sure that's what everyone who would plan on doing something malicious would say.

But, I'm curious if there is a way to have the contents of the forms (Login, Password), once they are filled, saved to a directory on my computer of my choosing?
I've done some scouring before I came to you guys, but I'm not sure if it can be done.
I figured, if anyone knew it would be the HTS board members.
Still hardcore script kiddie, so I'm just curious.

Most the time my words don't come out how I plan so if you need me to re-explain what I'm after please say something.
Any help would be appreciated.
And I really can't stress enough that I'm not gonna like go around stealing peoples login details.
Actually my brother is the only person I know who uses that site haha.
But I understand if there's no help you can provide if you believe I have malicious intents.

Thanks in advance!

-Crack.
CrackTheSky
New User
New User
 
Posts: 4
Joined: Sat Jun 20, 2009 8:43 pm
Blog: View Blog (0)


Re: A question about forms, help would be appreciated.

Post by mischief on Mon Jun 22, 2009 4:35 pm
([msg=25764]see Re: A question about forms, help would be appreciated.[/msg])

i think you should try to learn some more about how webservers and server-side scripting works before going any further.

http://en.wikipedia.org/wiki/Server-side_scripting
http://en.wikipedia.org/wiki/HTTP
http://en.wikipedia.org/wiki/HTML_form

please read all those, and try to do some research on your own about how web servers process form data.
The whole secret of existence is to have no fear. Never fear what will become of you, depend on no one. Only the moment you reject all help are you freed.
--Buddha
User avatar
mischief
Poster
Poster
 
Posts: 355
Joined: Wed Jan 07, 2009 4:16 pm
Blog: View Blog (0)


Re: A question about forms, help would be appreciated.

Post by Tentra on Mon Jun 22, 2009 4:49 pm
([msg=25767]see Re: A question about forms, help would be appreciated.[/msg])

CrackTheSky wrote:But, I'm curious if there is a way to have the contents of the forms (Login, Password), once they are filled, saved to a directory on my computer of my choosing?


If you mean from the HTMLthat you have saved locally, I don't think you can save files with HTML, for that I would use PHP. On the other hand if you want to save the information when your brother goes to the actual website you should look at:

http://en.wikipedia.org/wiki/Phishing
http://www.microsoft.com/protect/yourse ... ntify.mspx
http://en.wikipedia.org/wiki/ARP_spoofing
http://www.osischool.com/protocol/arp/arp-spoofing/
http://www.oxid.it/downloads/apr-intro.swf
User avatar
Tentra
Poster
Poster
 
Posts: 161
Joined: Wed Apr 30, 2008 4:52 pm
Blog: View Blog (0)


Re: A question about forms, help would be appreciated.

Post by CrackTheSky on Mon Jun 22, 2009 5:01 pm
([msg=25770]see Re: A question about forms, help would be appreciated.[/msg])

Tentra wrote:
CrackTheSky wrote:But, I'm curious if there is a way to have the contents of the forms (Login, Password), once they are filled, saved to a directory on my computer of my choosing?


If you mean from the HTMLthat you have saved locally, I don't think you can save files with HTML, for that I would use PHP. On the other hand if you want to save the information when your brother goes to the actual website you should look at:

http://en.wikipedia.org/wiki/Phishing
http://www.microsoft.com/protect/yourse ... ntify.mspx
http://en.wikipedia.org/wiki/ARP_spoofing
http://www.osischool.com/protocol/arp/arp-spoofing/
http://www.oxid.it/downloads/apr-intro.swf



Alright, and with PHP I can take what was entered in the forms and save it locally on my pc?

Like, I made my own webpage basically, though just bare bones it works perfectly and everything.
Just saved it as a file on my computer and I run it and use the bare-bone login to get to the actual website.
So I figured there should be a way to somehow since it's a local file that we're running in the first place.
I dunno, I'm obviously new as hell, but it made sense to me that webpages will have tighter security when it comes to this, and that since I'm loading the file from my computer there should be no security and saving what was entered in the forms should be easy.

So I guess I'll look into PHP and try to find a way.
The script for it is big, and has a lot of things I'm sure I could take out to make it less secure, and work more for me. But, I don't know how obviously.

Thanks for the help though!
To both of you!
Anything else will be greatly appreciated.
Trying to get back into this beautiful world of hacking :D
CrackTheSky
New User
New User
 
Posts: 4
Joined: Sat Jun 20, 2009 8:43 pm
Blog: View Blog (0)



Return to Web

Who is online

Users browsing this forum: No registered users and 0 guests