vladiii Posted January 19, 2008
[url]http://vladiii.phpnet.us/vuln.php[/url]
Try to inject JavaScript into the page, to display an alert or whatever. I'm waiting for the screenshots here, and the method by private message.
P.S. Without FireBug or other similar tools. Good luck!
nullbyte Posted January 19, 2008
SlicK, I beg you, send me a PM about how you did it and what you went by.
michee Posted January 20, 2008
Man, how the hell, I don't even know where to start... actually I think I just got an idea......
vladiii (Author) Posted January 23, 2008
Well done. Vulnerable PHP code:

    <?php
    // Read the client-supplied cookie (empty string when it is not set yet).
    $cookie = isset($_COOKIE['HackMe']) ? $_COOKIE['HackMe'] : "";
    if ($cookie != "") {
        // Cookie format: base64("<ip>-<remaining attempts>"), fully client-controlled.
        $cookie = base64_decode($cookie);
        $x = explode("-", $cookie);
        $nr = $x[1];
        if ($nr != 0) {
            // Vulnerable line: $nr is echoed into the page without validation or escaping.
            echo "<center>Mai ai $nr sanse.</center>";
            $nr = $nr - 1;
            $cookie2 = $x[0]."-".$nr;
            $cookie2 = base64_encode($cookie2);
            setcookie("HackMe", $cookie2, time()+5000);
        } else {
            echo "<center>Nu mai ai nicio sansa.</center>";
        }
    } else {
        // First visit: store the visitor's IP and the attempt counter in the cookie.
        $ip = $_SERVER['REMOTE_ADDR'];
        $plays = 10;
        $cookie3 = $ip."-".$plays;
        $cookie3 = base64_encode($cookie3);
        setcookie("HackMe", $cookie3, time()+5000);
        echo "<center>Mai ai 11 sanse.</center>";
    }
    echo "<center>badc0de by vladiii</center>";
    ?>

Basically, the IP and the number of attempts are encoded in base64. The vulnerable line is echo "<center>Mai ai $nr sanse.</center>"; because those cookies can be modified very easily with something like: 127.0.0.1-7"><script>alert(1)</script>
Everyone did it the way I described. Good luck!
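A hardened form of the counter from vladiii's post above, as an added example that is not part of the thread: the cookie carries an HMAC, the count is validated as digits, and the output is escaped. SECRET_KEY and the helper names pack_cookie, unpack_cookie and render are assumptions made for this sketch.

```php
<?php
// Added example, not the thread's code. SECRET_KEY is a placeholder value.
const SECRET_KEY = 'replace-with-random-server-side-secret';

// Serialize "ip-count" and append an HMAC so client-side edits are detectable.
function pack_cookie(string $ip, int $plays): string {
    $payload = $ip . '-' . $plays;
    $mac = hash_hmac('sha256', $payload, SECRET_KEY);
    return base64_encode($payload . '|' . $mac);
}

// Return the remaining count, or null when the cookie is forged or malformed.
function unpack_cookie(string $raw): ?int {
    $decoded = base64_decode($raw, true);          // strict mode rejects non-base64 input
    if ($decoded === false) return null;
    $parts = explode('|', $decoded);
    if (count($parts) !== 2) return null;
    [$payload, $mac] = $parts;
    // Constant-time comparison of the expected and supplied MAC.
    if (!hash_equals(hash_hmac('sha256', $payload, SECRET_KEY), $mac)) return null;
    // Allow-list the counter: one or two digits after the last "-".
    if (!preg_match('/-(\d{1,2})\z/', $payload, $m)) return null;
    return (int)$m[1];
}

// Build the message; the value is an int and is still escaped for the HTML context.
function render(?int $nr): string {
    if ($nr === null || $nr <= 0) {
        return '<center>Nu mai ai nicio sansa.</center>';
    }
    $safe = htmlspecialchars((string)$nr, ENT_QUOTES, 'UTF-8');
    return '<center>Mai ai ' . $safe . ' sanse.</center>';
}

if (PHP_SAPI === 'cli') {
    // Constructed sample inputs: a server-issued cookie and the tampered value from the post.
    $good = pack_cookie('127.0.0.1', 7);
    $bad  = base64_encode('127.0.0.1-7"><script>alert(1)</script>');
    echo render(unpack_cookie($good)), "\n";
    echo render(unpack_cookie($bad)), "\n";
}
```

Run from the command line, the tampered cookie fails the MAC check and falls through to the "no chances left" branch instead of reaching the page.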
Nabukadnezar Posted January 30, 2008
The challenge is great... you should put it on hts or hackits or another similar site.