Active Members dancezar Posted November 10, 2014 Active Members Report Posted November 10, 2014 (edited) URL: http://www.pwnthecode.org/challenges/xss_chall.php/Y2FjYXQ=Level: ?Cerinte:1) Folositi numai google chrome (cu altceva nu merge rezolvat)2) Scoateti o alerta ( nu confirm nu promt) cu document.cookieHint: Ca sa nu va bateti capu aiurea , nu are legatura cu sursa obuscataSolvers:-BitMap -dcristi-dekeeu- Edited November 14, 2014 by danyweb09 Quote
Active Members dancezar Posted November 11, 2014 Author Active Members Report Posted November 11, 2014 *.*.*.* - - [10/Nov/2014:19:13:09 +0100] "GET HTTP/1.0" 304 198 "http://www.pwnthecode.org/challenges/xss_chall.php/ce-ai-facut-mai-dany-aici-))" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.111 Safari/537.36")) bineBaieti ... e un string codat in base64 zau , toti numai dupa stringul in base64 anaintea lui ,in interiorul lui , dar de decodat si codat la loc ati incercat?Este doom apropo... Quote
BitMap Posted November 11, 2014 Report Posted November 11, 2014 Stiam eu ca o sa se uite cineva pe acolo Mai glumim, mai incercam, dar dovada stii cam pe unde e GJ. Quote
Active Members dancezar Posted November 12, 2014 Author Active Members Report Posted November 12, 2014 (edited) Stiam eu ca o sa se uite cineva pe acolo Mai glumim, mai incercam, dar dovada stii cam pe unde e GJ.))))))) nu ma asteptam ca tu sa fi fost, bravo boss, interesanta rezolvarea ta ai pm cu cea pe care am gandito eu .Apropo uitati ceva interesant din loguri:*.*.*.* - - [12/Nov/2014:01:34:40 +0100] "GET /challenges/xss_chall.php/acunetix-wvs-test-for-some-inexistent-file HTTP/1.0" 200 6310 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36"sau de la acelasi persoana:*.*.*.*- - [12/Nov/2014:01:34:55 +0100] "GET /challenges/xss_chall.php/?page=../../../../../../../../../etc/passwd%00.jpg HTTP/1.0" 200 6203 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36"*.*.*.* - - [12/Nov/2014:01:35:12 +0100] "GET /challenges/xss_chall.php//.../.../.../.../.../.../.../.../windows/win.ini HTTP/1.0" 200 6203 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36" Edited November 12, 2014 by danyweb09 Quote
dcristi Posted November 12, 2014 Report Posted November 12, 2014 (edited) Cu firefox se pune? Edited November 12, 2014 by dcristi Quote
SilenTx0 Posted November 12, 2014 Report Posted November 12, 2014 Cu firefox se pune? Da se pune, felicit?ri. Quote
Active Members akkiliON Posted November 12, 2014 Active Members Report Posted November 12, 2014 A l?sat o "urm?" @dcristi. Ar fi bine s? o cenzura?i. Quote
dcristi Posted November 12, 2014 Report Posted November 12, 2014 A l?sat o "urm?" @dcristi. Ar fi bine s? o cenzura?i.Done. Scuze. Quote
Active Members dancezar Posted November 12, 2014 Author Active Members Report Posted November 12, 2014 Done. Scuze.Sa zicem ... Desi pe chrome nu are cum sa mearga Quote
