HackMe #2 - Learn Webhacking


(Burning away in an Explosion) #1

Hello and welcome my burning flammes!

I decided to make "HackMe" to a series and just finished testing and scripting the challenge for today.

Let’s start

Mission

Todays Mission isn't the easiest. You could see your new cookie with the name "Password" didn't you?

You have to insert a script that sends you this cookie of other persons. It’s not importent how you do this, but this time the webmaster used htmlentities() to be “secure” (He isn’t). Also the script shouldn’t be conspicuous. But more information you have to get on your own!

Accepted parameters of site:

Post:
  • Post
  • Name

Get:

  • None

Victims' URL:

DELETED

Help:

Ask or do your own research :wink:

HackMe (#1) - Learn WebHacking
(Burning away in an Explosion) #2

Just looked what is done after 3 clicks on the link :joy:

Nice work with the “dontclickmipls” Link. It was fun to click on it :+1:

I will delete some nonfuncinal after time

(Content not really controlled)


#3

LOL. I’m still new to this but it’s hella fun.


(Burning away in an Explosion) #4

It’s made to have fun by learning and try ’ instead of " :wink:


#5

Holy shit, I think I broke something LOL.


(Burning away in an Explosion) #6

Just have repaired it


#7

That DoS though. Good stuff.


(Burning away in an Explosion) #8

I have a bad feeling about the possibilities :scream:


Just kidding


(Not a N00b, but still learning) #9

Did you enable the ENT_QUOTES switch?


(Burning away in an Explosion) #10

No because I’m a bad Webmaster :stuck_out_tongue_winking_eye:


(Security Architect & Founder) #11

I am enjoying these. It would be cool if you did a little writeup for each mini ctf on how you did it (for those who didn’t find it first time).


(Ne0_) #12

Really like these challenges. Looking forward to increasing difficulties in the future. The current level is perfect for beginners and if the learning curve isn’t too steep, this could really become an awesome noob-to-semi-pro series :smiley:


(Burning away in an Explosion) #13

Solution is on the site under Link number 310 :stuck_out_tongue_winking_eye:

First Password: SUESVJY508qVpSflLEyT6UjXbVMYviDn


#14

k3kt.


(Burning away in an Explosion) #15

Good work :+1:
It works a little bit conspicuos, but it’s working :wink:

Other Passwords:
lkKtCLjYX2C87dWH0aVn3apdZ0v8F0D1
GOBPsR8YGkgHhwVMP0kmzmkyWfEPxoBe


(Burning away in an Explosion) #16

'Cause a problem with Bplaced I will move HackMe to another Domain. I will give you the URL when finished.


HackMe (#1) - Learn WebHacking
(Burning away in an Explosion) #17

Finally made the code for using it on your own webserver after a lot of time. I didn’t feel like I want to do it, but today I said: “Let’s do it before this topic is totally non-sense”.
Here are the files:

You can use it as you want but for the right feeling only import the hackme2.sql under the tabell name “HackMe1” and change the password.php file for the right database connection.

And can somebody close this topic?


#18