|
-
September 6th, 2004, 05:18 PM
#1
i just don't get it (ngsec 2nd level) referer
I've read both of these threads:
link1
link2
but i still cannot do the challenge on this page
ngsec
here are some things i don't get:
1.
HTTP1.0:
GET /game1/level2/l33t.php?login=admin&password=ngsec HTTP/1.0
Referer: www.hah-hah.com
<enter>
<enter>
HTTP1.1
GET /game1/level2/l33t.php?login=admin&password=ngsec HTTP/1.1
Host: quiz.ngsec.com
Referer: www.hah-hah.com
<enter>
<enter>
here are 2 examples from one of the AO pages. let's say that we forget about the username and password for now.
Is "GET /game1/level2/l33t.php HTTP/1.1 Host: quiz.ngsec.com Referer: www.blabla.com" one line or is that supposed to be seperate lines. Am I missing and spaces or characters.
2. Is name/password really necesary?
3. If this is performed correctly and I can actualy grab the page, will it open in IE or will it be saved on HD.
I tried to use "final spoof" I tried to use telnet. I refered to www.ngsec.com. i refered to quiz.ngsec.com. I don't know what I'm doing wrong. just please point me in right direction. I always get 400 bad request. I'm I just refering to a wrong page. If so than what kind of challange is it if I have to guess.
Pls help me I'm stupid
-
September 6th, 2004, 06:43 PM
#2
i've noticed that although the the name in the url is l33t.php the name in the source is validate_l33t.php how is that possible and which one should i use
-
September 6th, 2004, 08:31 PM
#3
just get burpproxy here and run it and see what is sent to the server when you connect. you will see a line called referer:, this you will have to alter into something that challenge is needing... (it will be something like www.ngsec.com) .
this will solve your problem..
hope this helps 
-
September 6th, 2004, 11:12 PM
#4
burp won't run since i have the newest jvm ... the beta version
-
September 7th, 2004, 03:06 AM
#5
unhappy if you read the page the hint is on it tells you the commands your listing are done through telnet...
<edit>The reffering page is not going to be the harhar.com or whatever.com. Its the specific one for that authinitcatin. Your one the right track but due to the nature of ngsec im not going to just flat out give you the answer.</edit>
-
September 7th, 2004, 03:42 AM
#6
Want a good program that will allow you to modify data between your client and the server?
Try out achilles
http://www.astalavista.com/?section=...d=file&id=2513
Its basically a proxy that you run on your computer. It will listen on a port you specify. Then, you configure your browser to use the proxy that achilles sets up. You can then use achilles to intercept the data between the client and server... modify as you wish and then send it along.
Quite fun really. 
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
September 7th, 2004, 06:24 AM
#7
Its basically a proxy that you run on your computer. It will listen on a port you specify. Then, you configure your browser to use the proxy that achilles sets up. You can then use achilles to intercept the data between the client and server... modify as you wish and then send it along.
burpproxy is just the same,
and so is proximitron, this is also a nice proxy to spoof several things....
-
September 7th, 2004, 03:43 PM
#8
thanx for your replies guys...
i understand what you are saying as far a proxy servers but like i said
burproxy won't work since i have incompatible JVM (it's the newest beta)
achilles won't work at all... i think it's because for now i'm stuck w/ AOL
BUT I DID FINISH THE 2ND LEVEL AS WELL AS THE 3RD AND 4TH
I still have some questions thought.
"GET /game1/level2/validate_l33t.php?login=admin&password=ngsec HTTP/1.1
Host: quiz.ngsec.biz
Referer: http://www.ngsec.com"
1. why does referer have to have "http://" specified in its definition
2. i thought that i will have to guess the referer but in the end i had to guess the "Host:" part and changed it to .biz ... WTF.. is there some obvious thing that i missed by witch the Host: was naturally .biz
3. #3 and #4 solutions could've been put into the browser window in a manner like this
"http://www.quiz.ngsec.com/game1/level3/blabbla.php:8080&login=&password= HTTP/1.1"
or something like that
is there a way to make 2 level to put into the browser insted of using telnet. I know that we have the "Host:" line and "Referer:" line but there should be a way to simulate "Enter" key w/ a character which could be between the lines which would make it ALL one line
Am I right and if so, is there such a character???
-
September 7th, 2004, 09:00 PM
#9
1. --> it doesn't have to, it's just what the site has used to allow access... (if i'm not mistaken).
2. --> the referer you had to guess, it had something to do with the company was the hint... as for the host:, i don't recall having to alter it to get passed that level...
3. --> i believe there is a way, although i can't think of it right now (just got home from a very stressing day at work ).
-
September 7th, 2004, 10:09 PM
#10
Junior Member
i just finished it as well, but i cant seem to figure out how to update my score. this is what i got when i beat the level.
<span class="cab"><b>Level 2 Complet
ed!</b></span><p>
<p class="txt"><b>CONGRATULATIONS!!! Authentication Completed!<
/b></p>
<p class="txt">At this point <b>you should update your score</b> filling
this form.</p>
<p class="txt"><b>Not yet registered?</b> Follow this link: <a hre
f="../register.php">Registration Form</a></p>
<form action="http://quiz.ngsec.com
/game1/update_score.php" method="POST">
Stay away from my friends, they\'re smooth operators lookin for a way in.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote