| Author |
basic challenges - new ideas + csrf challenge ;) |
clone4
Member

Posts: 586
Location: He is back and he's bad!
Joined: 25.11.07 Rank: God |
|
I've had this on my mind for a couple of days. Some time ago I realized that there isn't a single basic web challenge involving CSRF, so I was just thinking that it would be a good idea to add some challenge like that. I guess some guest book with BBCodes, and you would have to, let's say, lock the thread or delete it. So I was just wondering if you people like the idea, or have any better ones? And because CSRF is quite a common vulnerability, I think we shouldn't ignore it like this.
Any comments would be great...

spyware - "They see me trollin'..."
<yaragn> ever seen that movie? The Matrix?
<yaragn> with those green lines of flying text?
<yaragn> *THAT'S* Perl
Edited by clone4 on 14-09-08 10:32 |
|
| Author |
RE: basic challenge -- csrf |
Zephyr_Pure
Member

Posts: 2402
Location:
Joined: 15.09.06 Rank: God |
|
A CSRF challenge would be interesting. Why don't you code one up and submit it? 
I think I'd rather see more Pen-Test challenges, though; they could include numerous concepts, while making it more realistic.
I still check PMs from time to time.


Our responses were moronic, why shouldn't he follow suit? - Futility |
|
| Author |
RE: basic challenge -- csrf |
clone4
Member

Posts: 586
Location: He is back and he's bad!
Joined: 25.11.07 Rank: God |
|
Zephyr_Pure wrote:
A CSRF challenge would be interesting. Why don't you code one up and submit it?
I've been working on it for a little while in the morning. It's just quite hard, since my PHP coding skill is pretty poor, but that means that I can only improve, and this is actually brilliant practice, so yeah, I will give it a shot.
I think I'd rather see more Pen-Test challenges, though; they could include numerous concepts, while making it more realistic.
That's true, and the current pen testing challenge is slightly outdated, but it's hard to do something like that, since you would actually have to code whole pages or a CMS, for instance.
|
|
| Author |
RE: basic challenge -- csrf |
Futility
Member

Posts: 713
Location: USA
Joined: 17.12.07 Rank: God |
|
Actually, I think moshbat has made a new pen-test challenge. It's still in the already-submitted-but-still-not-accepted phase. I think. Don't quote me on it.
As for the CSRF challenge idea, it definitely sounds good. Maybe somehow incorporate it into a realistic (or pentest) challenge. It'd be nice to see some more of those.
|
|
| Author |
RE: basic challenge -- csrf |
clone4
Member

Posts: 586
Location: He is back and he's bad!
Joined: 25.11.07 Rank: God |
|
|
moshbat wrote:
system has said it will be released. Not too sure when, though.
All we can do is hope. I think along with those, timed 7 should be released as well.
Anyway, I'm about halfway there: got the guestbook and vulnerable BBCodes. Now the issue is what actually to do; so far it's only possible to delete single posts there. I was thinking to put there some hateful 'constant' post which the challenger would have to delete, but this'd be quite easy, so I'm open to any suggestions... (I'm also gonna be looking into filters/evading filters in CSRF to make it a little harder.)
|
|
| Author |
RE: basic challenge -- csrf |
fashizzlepop
Member

Posts: 482
Location: Old folks home.
Joined: 08.04.08 Rank: Uber Elite |
|
There could also be a simple chall for this like you have now. And then always make more. Hell, it could even become a "group" of challs. I am very curious about this stuff as I don't know much aboot it.
"The definition of insanity is doing the same thing over and over again and expecting different results.”
~Albert Einstein~
 |
|
| Author |
RE: basic challenge -- csrf |
Zephyr_Pure
Member

Posts: 2402
Location:
Joined: 15.09.06 Rank: God |
|
|
fashizzlepop wrote:
There could also be a simple chall for this like you have now. And then always make more. Hell, it could even become a "group" of challs. I am very curious about this stuff as I don't know much aboot it.
Then... come up with an idea for one and code it. Even if it doesn't get accepted or used, you'd gain an understanding for how to make something vulnerable and how to focus on particular vulnerabilities. Give it a shot. 
|
|
| Author |
RE: basic challenge -- csrf |
fashizzlepop
Member

Posts: 482
Location: Old folks home.
Joined: 08.04.08 Rank: Uber Elite |
|
I'm really busy right now so I was aiming that towards the op.
|
|
| Author |
RE: basic challenge -- csrf |
clone4
Member

Posts: 586
Location: He is back and he's bad!
Joined: 25.11.07 Rank: God |
|
|
fashizzlepop wrote:
There could also be a simple chall for this like you have now. And then always make more. Hell, it could even become a "group" of challs. I am very curious about this stuff as I don't know much aboot it.
Actually, Infam0us helped me to make it a little bit harder. I'll see how people will like this one, then you can talk about expanding it.
Anyway, now I'm a little (read: a lot) stuck on the very last issue, which means that I can't release it even for testing. So if there is anybody fairly skilled in PHP willing to help, I'd really appreciate it if you could PM me/contact me on MSN/ICQ.
|
|
| Author |
RE: basic challenge -- csrf |
Zephyr_Pure
Member

Posts: 2402
Location:
Joined: 15.09.06 Rank: God |
|
|
clone4 wrote:
So if there is anybody fairly skilled in php willing to help, I'd really appreciate if you could pm me/contact me on msn/icq.
You can PM me and I will help if I can.
|
|
| Author |
RE: basic challenge -- csrf |
DarkMantis
Member

Posts: 192
Location: Bringing Security To You!
Joined: 23.04.06 Rank: Elite |
|
This sounds like an awesome challenge.
I hope it gets released =]]
Nice One.

THE PEOPLE UNITED WILL NEVER BE DEFEATED!
don't care for money, and money's not for me,
the money fueled this empire and our racist history.
Although I'm forced to use it, the rules have all been set.
But life is not worth living when yer soul is in debt!
MONEY KILLS.
MONEY RAPES.
MONEY LIES.
MONEY HATES. |
|
| Author |
RE: basic challenge -- csrf |
clone4
Member

Posts: 586
Location: He is back and he's bad!
Joined: 25.11.07 Rank: God |
|
OK boys and girls, finally I'm done: http://hellchall.ueuo.com/index.php The task should be pretty obvious: there is a guestbook with an admin who really dislikes HBH, and you wanna get rid of the insulting post once the admin views the guestbook. Even though it's pretty secure, there is one hole... (For the most obvious hint, just read the title of this thread.)
I have to thank Infam0us, who helped with a little bit of coding, and mainly I used the concept of an exploit he found (it's very realistic and quite common). And also thanks to Zephyr_Pure, without whom I'd probably still be trying to finish the challenge.
Also, this guestbook hasn't been coded by me. I wanted to do that, but didn't want to use MySQL, so I came across this guestbook, which uses a file to store the posts (and I wouldn't be able to pull something like this off with my current PHP skill). However, the actual exploit required quite a lot of coding as well as optimising the guestbook, so I put some time and effort into it. If I find the readme file, I will credit the author, but so far no luck with that.
Lastly, I hope you'll enjoy it and I'd appreciate any feedback...
Btw, when you solve this, you will be redirected to the winning page.
OK, now it's all done, and all the filters I wanted to implement are there, so now it really begins. And luck to you all (especially to you who try to XSS it; by that I don't want to imply it's impossible, though).
One more edit: the admin post is hard coded, so if you think that you've bypassed the filters and actually solved this challenge in some different way than I intended, just test it on some of the added posts, and post it over here.
Also, if anyone solves this challenge and wants some info, or even a source snip, just gimme a PM or post here. I assume that people here wanna improve their skills, so I won't be suspicious as to whether you really have finished, cause if not, the real and only idiot is you.
Edited by clone4 on 11-09-08 22:20 |
|
| Author |
RE: basic challenge -- csrf |
clone4
Member

Posts: 586
Location: He is back and he's bad!
Joined: 25.11.07 Rank: God |
|
Sorry for the double post, but I wanted to make sure this would stay at least for a while on the main page, so there you go. Don't know how many of you actually finished this challenge; there were quite a lot of attempts, but mainly on XSS, not the CSRF... Anyway, this inspired me to code another challenge (well, the same environment, different exploit), one of the few that is missing here as well, which is cookie stealing. This should be much easier than the CSRF (to code and solve), so it should be out sometime by next week.
Btw, have any of you who tried actually finished the current one, i.e. got the "You win !" page? When it comes to solving this challenge it's very strict, so I realized it might actually be very hard to get it right. But it's still on, so Give It a Try!!
Again, any suggestions appreciated. I started to learn PHP, and I find it really exciting doing it this way, so I don't mind expanding the guestbook, since you learn how to code securely, as well as how the filters are bypassed, and you always find new ways of doing something, new functions, etc...
|
|
| Author |
RE: basic challenges - new ideas + csrf challenge ;) |
jjbutler88
Colemak User

Posts: 590
Location:
Joined: 22.04.07 Rank: Guru |
|
Dunno, I'm sure I got the main parts of it but it just wouldn't accept it, so I'm guessin' it only takes 1 correct answer. Might wanna code a few possible ways of doing it into your next one; nothing worse than having the answer but it not accepting it coz of a semicolon or something like that.
|
|