Please ask questions ONLY in this topic.

Uptight religious fanatics are failing free-thinking students for questioning their faith. Fulfill every teenage hacker's ultimate fantasy: hack into the school database and change grades! This level has several different layers of security and several different ways of completing it. Enjoy!

Re: Please ask questions ONLY in this topic.

Post by anonymous501 on Tue Jan 26, 2016 5:56 am
([msg=91395]see Re: Please ask questions ONLY in this topic.[/msg])

teacher id=19: Mr. Gordon Freeman.
Well played.
It may take me years, but I will learn, and I will do to you what you have done to the innocent

Unless you wipe yourselves out before that. You idiots.
anonymous501
New User
New User
 
Posts: 16
Joined: Thu Oct 01, 2015 4:05 am
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by Mmac73007_ on Thu Feb 25, 2016 8:49 pm
([msg=91713]see Re: Please ask questions ONLY in this topic.[/msg])

I'm having fun with this challenge, but its very frustrating at the end. I was logged in as s****** with the user agent set to "holy_teacher", updated the value of the admin cookie, changed all of the grades I needed to update through the method implied by the source code... Am I just being an idiot and forgetting something?
Mmac73007_
New User
New User
 
Posts: 1
Joined: Wed Feb 24, 2016 8:23 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by zioulk on Thu Dec 22, 2016 11:26 pm
([msg=93216]see Re: Please ask questions ONLY in this topic.[/msg])

The frustration I felt from this mission compelled me to post on the forum haha. Please forgive me if this is too spoilery, I'm trying to be helpful but I understand I might cross the line, please modify as necessary.

So I spent way to much time trying to appendChild fields to the grade change form, so that when I did a javascript injection into the URL bar, I could simulate the click of a "submit" button. If anyone is using this approach, don't bother with this, just look at the source code and look at what the form will do, and think of what fields you need to add to make . Think what the URL would look like based on what is already in the source code if you added another field. Look at each modify form, and guess what the one extra field you need to add to it is.

How I solved this mission:
1. There is no way to find the place where staff will access in the source code, assume that the teachers will get to this page using their special teacher's portal. But look at the URL of the student login is, and you can guess what the staff login URL is.

2. You need to guess a combination of username and password. I think the right way is to just brute force every single one of them. Simple passwords: some people will use "password", but that's not the case here, think of something else that is easy to remember, something you can remember once you see the username. Honestly, the description of the teacher does give a clue of which to use, but that's not realistic at all, just a coincidence; the teacher says something about grades. (If this is too spoilery, please remove) Happy searching. Or you can just brute force everything.

3. Using the browser supplied by teachers - you really don't need to download addons or use firefox. On chrome, developer tools can spoof what user agent you are. Look for the "network conditions" button somewhere.

4. Only admins can modify - cookie modification; you should be familiar with these by now.

5. Don't think too hard of how to modify the HTML form using javascript injections. No javascript injection is necessary here. Just look in the source code for what a request to modify the grade looks like, and add the necessary fields in the URL.

Hope this isn't too spoilery, please edit if necessary. Most of what is here is already in the forum post, but I hope this will help so that you don't necessarily have to scroll through 16 pages.
zioulk
New User
New User
 
Posts: 1
Joined: Thu Dec 22, 2016 11:10 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by PavelG on Wed Feb 15, 2017 1:28 am
([msg=93441]see Re: Please ask questions ONLY in this topic.[/msg])

Thank you all for help.
Even though it seemed like ppl were giving away the solution it was still tricky enough.

I would've never figured out agent thing.
and the teachers login and pass wasn't very obvious either.
changing the grades were no problem.

Thanks all for your inputs ;)
PavelG
New User
New User
 
Posts: 8
Joined: Fri Jan 20, 2017 5:16 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by user202729 on Mon Jul 17, 2017 5:09 am
([msg=93946]see Re: Please ask questions ONLY in this topic.[/msg])

Note:

1. It is possible to find the staff login page (different from user login page) in the website itself. It's just that the page has too much content that you may pass over that.

Hint: [There is a weirdly-named picture.] <-- Black text on black background

Also I have some questions. (I solved that already)

1. Is there any simpler way to send POST request using javascript simpler than XMLHttpRequest? I find that not remember-able.
2. When I did something, instead of the page update, I get "hackthissite.org says" alert box and the html source code of the page I should be seeing. Am I doing it the right way? or it is possible to send all in the content of GET request?
user202729
New User
New User
 
Posts: 3
Joined: Thu Jul 13, 2017 11:09 pm
Blog: View Blog (0)


Previous

Return to (Real 10) Holy Word High School

Who is online

Users browsing this forum: No registered users and 0 guests