Please ask questions ONLY in this topic.

A little girl made a website to post poetry related to peace and understanding. American fascists have hacked this website replacing it with Hitler-esque propaganda. Can you repair the website?

Re: Please ask questions ONLY in this topic.

Post by desikid on Sat Nov 14, 2015 12:56 am
([msg=90566]see Re: Please ask questions ONLY in this topic.[/msg])

So my question is: we have to know how many directories there are to understand how to utilize DT to reset the website's original code. I just ended up guessing a checking with different amounts of ../ until I figured out how many are necessary. How are we supposed to know how many directories there are?

Also--how do we know that the files aren't filtered? For example, if I enter in poem_title in the poem title box, how do I know that doesn't get saved as poem_title.txt?

Lastly, how do we know that files are overridden and not automatically renamed by the server (perhaps by having a number appended to the file name)? These are all guesses I made when solving the problem.
desikid
New User
New User
 
Posts: 1
Joined: Sat Nov 14, 2015 12:47 am
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by limdis on Sun Nov 15, 2015 12:13 pm
([msg=90595]see Re: Please ask questions ONLY in this topic.[/msg])

Without dropping spoilers, the TL;DR answer is, "You really won't know for sure."

This is part of the process of penetration testing. You have to piece together what information you can about a target to find likely attack vectors. Assumptions will have to be made because you will almost never have the full souce/admin access.
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."
User avatar
limdis
Moderator
Moderator
 
Posts: 1657
Joined: Mon Jun 28, 2010 5:45 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by hackobsza on Sat Jan 02, 2016 6:21 am
([msg=91122]see Re: Please ask questions ONLY in this topic.[/msg])

This is very frustrating for me. I did find the original by guessing what the hacker should name it site but i'm not sure this is what you guys do. :shock:
spoilers!
And I did figure that the poem was saved with file name as same as the poem name and the poem as the content. Am I right?
and what i should do is *** SPOILERS REMOVED ***
Can anyone please confirm that I'm on the right track.


Bad English is bad, LOL.
hackobsza
New User
New User
 
Posts: 1
Joined: Sat Jan 02, 2016 6:11 am
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by cyberdrain on Tue Jan 05, 2016 8:19 pm
([msg=91172]see Re: Please ask questions ONLY in this topic.[/msg])

hackobsza wrote:spoilers!

Kindly remove those or an admin will do it for you. These are not allowed anywhere on the forums. As for your question, you're on the right track, think what you want to do and what you can do, then combine the two.
Free your mind / Think clearly
User avatar
cyberdrain
Expert
Expert
 
Posts: 2160
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by thrownawayfood on Fri Jan 08, 2016 11:05 pm
([msg=91234]see Re: Please ask questions ONLY in this topic.[/msg])

I fully understand how DT works and I'm pretty sure I have manipulate the PHP in the submit page. However, I'm not familiar with which PHP functions are relevant here. I'm pretty sure I understand how the PHP script gets your form values, but I'm not sure how to exploit it to change the website back. Are there some functions or common variable names that I should be looking up?
thrownawayfood
New User
New User
 
Posts: 4
Joined: Tue Dec 29, 2015 2:06 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by insttechno on Sat Jan 09, 2016 8:38 pm
([msg=91238]see Re: Please ask questions ONLY in this topic.[/msg])

just spent so long on this when it really doesnt need to take that long

1. Think of where the poems get stored (hint already in this thread about where they are)
2. if you traverse above that directory what directory you are in
3. Find where to submit stuff
insttechno
New User
New User
 
Posts: 8
Joined: Fri Jan 08, 2016 9:40 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by cyberdrain on Tue Jan 12, 2016 10:39 am
([msg=91265]see Re: Please ask questions ONLY in this topic.[/msg])

thrownawayfood wrote:I fully understand how DT works and I'm pretty sure I have manipulate the PHP in the submit page. However, I'm not familiar with which PHP functions are relevant here. I'm pretty sure I understand how the PHP script gets your form values, but I'm not sure how to exploit it to change the website back. Are there some functions or common variable names that I should be looking up?

You're going about this the wrong way, think of what the program is doing server side and how you could exploit that. You don't have to code in PHP for completion of this mission.
Free your mind / Think clearly
User avatar
cyberdrain
Expert
Expert
 
Posts: 2160
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by Blueue on Tue Feb 16, 2016 8:09 pm
([msg=91635]see Re: Please ask questions ONLY in this topic.[/msg])

So I figured out how to complete this one, though, admittedly through a lot of guessing. I am left with one question: how does this DT work? I think this is due to my poor understanding of PHP, but why spoilerish stuff.
Blueue
New User
New User
 
Posts: 2
Joined: Sat Feb 13, 2016 4:55 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by cyberdrain on Sat Feb 20, 2016 7:34 am
([msg=91659]see Re: Please ask questions ONLY in this topic.[/msg])

Blueue wrote:So I figured out how to complete this one, though, admittedly through a lot of guessing. I am left with one question: how does this DT work? I think this is due to my poor understanding of PHP, but why spoilerish stuff.

The file is saved temporarily, as it says. You have to save it somewhere that actually does something, which isn't where you are at the moment. So you escape that and overwrite the data in the right place.
Free your mind / Think clearly
User avatar
cyberdrain
Expert
Expert
 
Posts: 2160
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by mShred on Mon Feb 22, 2016 7:59 pm
([msg=91678]see Re: Please ask questions ONLY in this topic.[/msg])

Blueue wrote:So I figured out how to complete this one, though, admittedly through a lot of guessing. I am left with one question: how does this DT work? I think this is due to my poor understanding of PHP, but why spoilerish stuff.

Take a good look at where it is that you're operating in. Then take a second to determine where is it that you want to be operating in.
For those about to hack, I salute you.
teehee
image
User avatar
mShred
Administrator
Administrator
 
Posts: 1899
Joined: Tue Jun 22, 2010 4:22 pm
Blog: View Blog (2)


PreviousNext

Return to (Real 3) Peace Poetry: HACKED

Who is online

Users browsing this forum: No registered users and 0 guests