-
August 18th, 2008, 01:21 AM
#1
Member
help hacking the login form....hacker challenge
ok, I came across this hacker challenge, and it seems to work like this:.... anyone can register, once you register you can login, but you get a message saying that "you are a regular user, and you need administrator rights"....all the authentication is done against a mysql backend database, which contains the usernames and passwords, with that the first thing I tried was sql injection to see if the app would spit out all the content of the table... so I tried something simple like ' or 'x'='x which in sql evaluates to true, that didn't work so I use webscarab to kind of launch a dictionary attack against the login page using sql injection, but I think the application is doing input validation or stripping the input from any tags or slashes.... the other vector attack could be either a weakness in the cookie or sessionid but I haven't got there yet.
here's the link http://www.pctechtips.org/pwn3d_login.php
any help appreciated
thanks
Last edited by k_tech; August 18th, 2008 at 01:23 AM.
-
August 19th, 2008, 06:51 PM
#2
It is just the username in a cookie that is hashed. Change the value of it to the md5 of the word "admin" refresh and you got it
I have a small howto on changing cookies on my forum:
http://tech-board.net/viewtopic.php?f=15&t=3
-
August 19th, 2008, 08:02 PM
#3
Member
here's a good md5 cracker
http://gdataonline.com/seekhash.php
and I use cookie editor in firefox
-
August 19th, 2008, 11:45 PM
#4
Junior Member
-
August 20th, 2008, 01:36 AM
#5
Brute forcing is not really practical... Its usually best to try rainbow tables or a dictonary first...
-
August 21st, 2008, 01:28 AM
#6
Member
no to mention you leave traces in the logs and all over the place
www.pctechtips.org
-
August 22nd, 2008, 03:54 PM
#7
Not if you have the md5 hash on your local machine and you are trying to crack it there... thats what you are doing in this case.
-
August 25th, 2008, 04:17 AM
#8
Junior Member
Originally Posted by k_tech
Is it just me or does that site not work right now? no matter what you put in it just comes up blank.
Similar Threads
-
By Sick Dwarf in forum Newbie Security Questions
Replies: 8
Last Post: September 26th, 2002, 12:30 AM
-
By TURBOWEST in forum The Security Tutorials Forum
Replies: 4
Last Post: September 23rd, 2002, 05:46 AM
-
By Isellcrack4FBI in forum AntiOnline's General Chit Chat
Replies: 2
Last Post: July 4th, 2002, 02:40 PM
-
By Noble Hamlet in forum AntiOnline's General Chit Chat
Replies: 1100
Last Post: March 17th, 2002, 09:38 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|