The Guesbook Gehe zur The Guestbook Challenge
Gesamtpunkte: 362447
Nachrichten: 107
Dank: 151
+Votes: 94
Registriert : 16y 27d
Der Benutzer ist Offline
The Guesbook
15. Nov 2010 17:25:06 (13y 178d)
15. Nov 2010 17:25:06 (13y 178d)
Hi all,
I know the trick how to exploit it, I also recieve some error. I just don't get the correct string to exploit... any hint maybe what to google for?
I know the trick how to exploit it, I also recieve some error. I just don't get the correct string to exploit... any hint maybe what to google for?
Globaler Rang: 253
Gesamtpunkte: 87265
Nachrichten: 1639
Dank: 1339
+Votes: 887
Registriert : 16y 84d
Zuletzt gesehen am: 14s
Der Benutzer ist Online
RE: The Guesbook
15. Nov 2010 18:25:40 (13y 178d)
15. Nov 2010 18:25:40 (13y 178d)
I think there is nothing "specific" you could google for this challenge.
As always, "Code you see is code in use". No simulations.
A good idea is maybe to create the database/tables yourself and do the injections on your localhost with mysql console.
Good luck!
As always, "Code you see is code in use". No simulations.
A good idea is maybe to create the database/tables yourself and do the injections on your localhost with mysql console.
Good luck!
The geeks shall inherit the properties and methods of object earth.
Globaler Rang: 4968
Gesamtpunkte: 3187
Nachrichten: 7
Dank: 10
+Votes: 11
Registriert : 12y 91d
Zuletzt gesehen am: 5y 171d
Der Benutzer ist Offline
RE: The Guesbook
2. Mär 2012 14:22:16 (12y 71d)
2. Mär 2012 14:22:16 (12y 71d)
It would be more helpful if you post the error messages here, instead the way of solving.
Regards
gizmore
Regards
gizmore
Zuletzt geändert von gizmore - 2. Mär 2012 14:30:07
Globaler Rang: 4968
Gesamtpunkte: 3187
Nachrichten: 7
Dank: 10
+Votes: 11
Registriert : 12y 91d
Zuletzt gesehen am: 5y 171d
Der Benutzer ist Offline
RE: The Guesbook
3. Mär 2012 07:22:00 (12y 70d)
3. Mär 2012 07:22:00 (12y 70d)
I'm sorry about that. Actually figured what the garbled text was which I was getting as a reply. It was a gzipped version of the page. That is why I couldn't make head or tails of the characters. But now there is a new problem. My request gets timed out every time I send it to index.php . Even if I try without logging in and w/o adding the injection, it doesn't let me add entries to the guestbook. The code is what I posted yesterday. I can repost a short version of it here if you wouldn't mind (w/o the injection ofcourse).
Globaler Rang: 253
Gesamtpunkte: 87265
Nachrichten: 1639
Dank: 1339
+Votes: 887
Registriert : 16y 84d
Zuletzt gesehen am: 15s
Der Benutzer ist Online
RE: The Guesbook
3. Mär 2012 17:37:00 (12y 69d)
3. Mär 2012 17:37:00 (12y 69d)
Hmm, no idea what it could be.
You may post some code that does not spoil the vulnerability
You may post some code that does not spoil the vulnerability
The geeks shall inherit the properties and methods of object earth.
Globaler Rang: 4968
Gesamtpunkte: 3187
Nachrichten: 7
Dank: 10
+Votes: 11
Registriert : 12y 91d
Zuletzt gesehen am: 5y 171d
Der Benutzer ist Offline
RE: The Guesbook
5. Mär 2012 15:22:39 (12y 68d)
5. Mär 2012 15:22:39 (12y 68d)
Sure , here is the code that I am using to post the message onto the guestbook. It seems to timeout everytime I try posting it. I do get some reply but it always ends with a timeout. Sorry about the late reply BTW.
It gets time out everytime I try to post something. This is the error message :
I was wondering why a request as the above would take so much time, while it posts properly from the browser in a very short time.
GeSHi`ed Plaintext Quelltext
1 2 3 4 56 7 8 9 1011 12 13 14 1516 17 18 19 2021 22 23 24 2526 27 28 29 30 |
<?php
$callserv = fsockopen("10.201.13.50",80); //This is the proxy server at my university. Opening a socket to it.
$out1 = "POST http://www.wechall.net/challenge/guestbook/index.php HTTP/1.1\r\n".
"Host: www.wechall.net\r\n".
"User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8 ( .NET CLR 3.5.30729)\r\n".
"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n".
"Accept-Language: en-us,en;q=0.8,ko-kr;q=0.5,mr;q=0.3\r\n".
"Accept-Encoding: gzip,deflate\r\n".
"Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n".
"Proxy-Authorization: Basic (blah blah blah)==\r\n". //These are my credentials. So removing them.
"Proxy-Connection: keep-alive\r\n".
"Content-Type: application/x-www-form-urlencoded\r\n".
"Content-Length: 39\r\n".
"\r\n";
"message=Hello+World&sign=Sign+Guestbook";
//$out2 = "";
if(!$callserv){
echo "Sorry";
return;
}
else {
fwrite($callserv,$out1);
}
while (!feof($callserv)) {
echo fgets($callserv);
}
fclose($callserv);
?>
|
It gets time out everytime I try to post something. This is the error message :
GeSHi`ed Plaintext Quelltext
1
2
3
4
56
|
( ! ) Fatal error: Maximum execution time of 30 seconds exceeded in C:\wamp\www\socket1.php on line 26
Call Stack
# Time Memory Function Location
1 0.0186 369376 {main}( ) ..\socket1.php:0
|
I was wondering why a request as the above would take so much time, while it posts properly from the browser in a very short time.
Globaler Rang: 109
Gesamtpunkte: 161663
Nachrichten: 13
Dank: 16
+Votes: 15
Registriert : 15y 85d
Zuletzt gesehen am: 1y 14d
Der Benutzer ist Offline
RE: The Guesbook
5. Mär 2012 18:09:56 (12y 67d)
5. Mär 2012 18:09:56 (12y 67d)
Are you sure you don't have to enter some kind of password to be able to use the proxy?
Globaler Rang: 544
Gesamtpunkte: 46340
Nachrichten: 220
Dank: 205
+Votes: 214
Registriert : 13y 146d
Der Benutzer ist Offline
RE: The Guesbook
5. Mär 2012 20:11:37 (12y 67d)
5. Mär 2012 20:11:37 (12y 67d)
and why do you use a proxy? you could try the same without…
Contact only via c3BhY2VAd2VjaGFsbC5uZXQ= or PM...
Windows can be secure... but only if you don't use it
Windows can be secure... but only if you don't use it
Globaler Rang: 253
Gesamtpunkte: 87265
Nachrichten: 1639
Dank: 1339
+Votes: 887
Registriert : 16y 84d
Zuletzt gesehen am: 15s
Der Benutzer ist Online
RE: The Guesbook
6. Mär 2012 04:32:06 (12y 67d)
6. Mär 2012 04:32:06 (12y 67d)
It seems like basic authentication is sent in some http header.
Also some universities might require a proxy to connect to the outside (not sure here)
As i have no experience with proxies i cannot help here.
Challenge idea?
gizmore
Also some universities might require a proxy to connect to the outside (not sure here)
As i have no experience with proxies i cannot help here.
Challenge idea?
gizmore
The geeks shall inherit the properties and methods of object earth.
Globaler Rang: 4968
Gesamtpunkte: 3187
Nachrichten: 7
Dank: 10
+Votes: 11
Registriert : 12y 91d
Zuletzt gesehen am: 5y 171d
Der Benutzer ist Offline
RE: The Guesbook
6. Mär 2012 06:44:06 (12y 67d)
6. Mär 2012 06:44:06 (12y 67d)
@ monnino : yes it needs a username and password. I have blanked them out by the (blah blah blah).
@ space : its not a choice
the university needs us to authenticate everytime we need to use the internet
@gizmore : Thanks anyways, will try some other way to get around it
@ space : its not a choice
the university needs us to authenticate everytime we need to use the internet@gizmore : Thanks anyways, will try some other way to get around it
jacobs, Redknee, tunelko, silenttrack, n0tHappy, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, JanLitwin17, SwolloW, dangarbri haben dieses Thema abonniert und erhalten EMails bei einer neuen Nachricht.
1 Personen sehen sich diese Thema gerade an.
Dieses Thema wurde 185339 mal angesehen.
1 Personen sehen sich diese Thema gerade an.
Dieses Thema wurde 185339 mal angesehen.