Please ask questions ONLY in this topic.

Re: Beyond Lost

Post by Damascus2k8 on Wed Jun 25, 2008 7:51 pm
([msg=5768]see Re: Beyond Lost[/msg])

Damascus2k8 wrote:The only real help i can give you without giving it all away is, your XSS syntax has to be SPOT ON PERFECT.

djpitagora wrote:I know it's frustrating. Apparently the script wants a particular type of cookie stealer. I don't know...it compares strings I guess and when it finds what it likes in it the script will give you the cookie. I tested like 3-4 different script (all working!!!) until I finally got the right one.


'nuff said :P


C0362AF19B89E861F21485CE1D2B430E



"Change your thoughts and you change your world!"
Damascus2k8
Experienced User
Experienced User
 
Posts: 68
Joined: Mon Apr 14, 2008 8:18 pm
Location: /root
Blog: View Blog (0)


Re: Beyond Lost

Post by morcant on Wed Jun 25, 2008 8:51 pm
([msg=5776]see Re: Beyond Lost[/msg])

I finally found the code I needed crammed in a back corner of an unrelated website. I would have never figured it out on my own. I still can't believe that it was right, but it did work. I wish the best of luck to those who haven't figured it out yet.
morcant
New User
New User
 
Posts: 3
Joined: Mon Jun 23, 2008 5:05 pm
Blog: View Blog (0)


cleaning log file

Post by andreams on Thu Jun 26, 2008 6:10 am
([msg=5807]see cleaning log file[/msg])

I've created a page modifying strFilename's value in the form...or I've modified directly the URL...
Those methods would be right in the real world? I can change a POST variable by URL?

Ok now I come back to the game...only XSS...
I think I have to use a script in the text field...but I don't know what javascript's instruction could help me to change the directory! Googling I've found only how to do this by URL without scripts...
Can anyone direct me on the right way!?

Thanks for replies
andreams
New User
New User
 
Posts: 4
Joined: Thu May 29, 2008 7:10 am
Blog: View Blog (0)


Re: Please Help Me

Post by stevenator1 on Fri Jun 27, 2008 10:20 am
([msg=5921]see Re: Please Help Me[/msg])

Karate-Boy wrote:I can edit the cookies as I want, but in what must I change it?? I've tried many things, but nothing works.. :(
plz help me!!


First of all, say please instead of plz and only use one ?, or you sound like a begger. Editing cookies wont help ya here. I havent figured out realistic 9 yet myself, but from reading posts I know you have to attack the boss (m-crap) with xss scripting that compares strings so you can get the bosses password and log in as him.
stevenator1
New User
New User
 
Posts: 3
Joined: Thu Jun 26, 2008 10:32 am
Blog: View Blog (0)


Re: Cleaning The log Files

Post by thelly on Fri Jun 27, 2008 5:32 pm
([msg=5940]see Re: Cleaning The log Files[/msg])

Hi there,

Is there any problem on the cleaning system ? I tried many things with the path I found, but it is still impossible to clean the log, even if I follow what the subscription message says.

I will appreciate some help.

Thanks in advance.
thelly
New User
New User
 
Posts: 2
Joined: Thu Jun 19, 2008 10:49 am
Blog: View Blog (0)


Help on clearing the log files.

Post by fr3ako on Fri Jun 27, 2008 11:27 pm
([msg=5956]see Help on clearing the log files.[/msg])

I have tried using javascript. Like
Code: Select all
-redacted-

But it doesnt work.

Anyway, what is considered proper clearing of logfiles? My logfiles only contain a login and bad login. Theres isnt any other things left there?
fr3ako
New User
New User
 
Posts: 1
Joined: Fri Jun 27, 2008 11:21 pm
Blog: View Blog (0)


Help w/ syntax

Post by thanaa on Sun Jun 29, 2008 8:33 am
([msg=6049]see Help w/ syntax[/msg])

I'm not gonna post anything here but if anyone would be willing, i've tried 4 different ways to do what im supposed to..all 4 work i've tested them on my own site. I'm reading that my syntax has to be perfect. All 4 ways are coming up as ..."clean" on a javascript syntax validator. Would love at least a nudge in the right direction on what im doing wrong.

Thanks


edit: nvm i finally got it. i kept skipping over something just assuming that it wasn't the way to do it...
thanaa
New User
New User
 
Posts: 16
Joined: Sat Jun 28, 2008 9:46 pm
Blog: View Blog (0)


Re: Test or not Test!?

Post by pitagora on Mon Jun 30, 2008 6:13 am
([msg=6118]see Re: Test or not Test!?[/msg])

andreams wrote:
poison_geek wrote:i dont think you would be allowed to write anything except the good code...


Ok I was thinking like a real website...

many thanks for your help

actually you weren't thinking of a real site at all :) Did you think for a minute where in the page you inject the code? Who gets to see the altered page? If you send it in a message you sure don't :)
pitagora
New User
New User
 
Posts: 8
Joined: Tue Jun 17, 2008 10:41 am
Blog: View Blog (0)


Re: Finishing the mission

Post by stevenator1 on Mon Jun 30, 2008 2:52 pm
([msg=6152]see Re: Finishing the mission[/msg])

fooffee wrote:Please :oops: Can not figure out how to clear the logs. I know it have something to do with the "E-mail submission" but i don´t know what to type there.

Thx for your patience :)


If you want to request it, i will PM you the answer, but i will give hints out on the public forum.
Look at the code on the email description page. You will find the subdirectories to get to the mailing list. Go to the /files directory, then you can find the address of the *.txt where the logs are kept. Now you need to figure out how to delete the files. I use firebug (an add-on for firefox) and the information on the email subscription page to accomplish this. I think that from here, you can accomplish the task. Think of how you can get the system that purges the emails to instead purge the logfiles.
stevenator1
New User
New User
 
Posts: 3
Joined: Thu Jun 26, 2008 10:32 am
Blog: View Blog (0)


HOW DO YOU MAKE A COOKIE STELAER

Post by spazzemaster on Thu Jul 10, 2008 10:19 pm
([msg=7147]see HOW DO YOU MAKE A COOKIE STELAER[/msg])

Aye hey i'm new to this hole hacking deal I need to find out how to make a cookie stealer
spazzemaster
New User
New User
 
Posts: 14
Joined: Wed Jul 09, 2008 9:31 pm
Blog: View Blog (0)


PreviousNext

Return to (Real 9) CrappySoft

Who is online

Users browsing this forum: No registered users and 0 guests