Follow us on Twitter!
Society leans ever heavily on computers, if you have the power to take out computers you can take out society. - cubeman372
Saturday, April 19, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 23
Guests Online: 22
Members Online: 1

Registered Members: 82843
Newest Member: hx47
Latest Articles

_Web Patching 1 to 3_

Arrow Image A guide for the web patching challenges, may contain spoilers.



Here's my article on web patching one to three, for these challenges you will need some basic knowledge of php.

_Web Patching 1_
On this challenge you see that the code "echo"s the variable: $_POST['username'].
For example, if you typed "floobman mc doodle" in the username box and hit submit it would say "Logged in as floobman mc doodle."
But, if you tried injecting some html tags into the box, as the script don't filter html tags it will output whatever html you put in.
You should know the name of this. If you don't know how to get rid of html tags from being inputted, try googling.

_Web Patching 2_
Right, you can see that this one has an sql query, so that should give you an idea of what kind of exploit this is.
To patch it, you have to know that you need to make it add a slash in front of the apostrophes and quote marks to stop the exploit.
Again, if you don't know the function for this, google.

_Web Patching 3_
Moving on to the third patching challenge, this script is meant to include whatever file you choose through the variable: $page = $_GET['page'].
The script also adds ".php" onto the end of the included file, so if you typed: something.php?page=something, it would include itself. But using our knowledge of poison null bytes, you could try this: something.php?page=/etc/passwd/%00 to try and view the password file.
The way you are suppsoed to patch this is the opposite of web patching two.

I hope this article has helped you, I realise it is quite a short article, but I couldn't think of any way to make it longer.

Comments

godon May 07 2006 - 17:32:24
nice!! right to the point and doesnt spoil it B)
Mr_Cheeseon May 07 2006 - 17:48:25
yeah excellent. gives just the right amount of information away Smile This will certainly help a few people who are stuck on it.
wolfmankurdon May 07 2006 - 18:45:32
nice, whats up with the _'s?
system_meltdownon May 07 2006 - 19:03:30
Dunno, lol, I just thought it looked good Grin
TAoSon May 07 2006 - 19:20:47
Good articles, concise without being bland or giving too much away. I just had the exploit types wrong haha.
the_flashon May 07 2006 - 19:59:37
great article, i understand more about them even though i completed it lol^^
mastergameron May 09 2006 - 16:56:21
Well done, great article
sharpskater80on July 24 2006 - 06:27:51
_good one_
netfishon August 04 2006 - 10:12:08
very helpful!
mr noobon November 04 2006 - 21:49:34
theres actually bout 10 functions to add the backslashes
austinatoron March 18 2008 - 10:55:29
thanks a lot this is well written and straight to the point without any spoilers. Grin
rollingon May 01 2008 - 14:49:14
floobman mc doodle 4tw! lol jk nice article helped me a lot
s3klymaon May 08 2008 - 00:49:18
I like the article.. but I have a thought. For the third one, couldn't the exploit be RFI? I thought that what needed to be done was to filter out '?'
SaMTHGon June 03 2008 - 19:38:00
Top Marks
zberton August 26 2008 - 03:34:39
Good article, no spoilers and really just gave an idea what to google... Google is my friend but it helps to know what to think of...
Post Comment

Sorry.

You must have completed the challenge Basic 1 and have 100 points or more, to be able to post.