Author | I though I could give it a try... |
Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | |
Well I had problems finding people who could help at all. So I am back, I coded my own php script this time. Looks nothing like fusion because it is NOT, just look at it. Elite Hacks I was also wondering if anyone could hack the login box (hit enter to get to it), if you can please tell me how.
[[Richo fixed url tag]]
Edited by richohealey on 26-09-07 01:33 |
 |
Author | RE: I though I could give it a try... |
Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | |
yeah just so you know your missing a '>' in your form
Code
<form action="main.php" METHOD="POST">
Password: <input type='text' name='pass'>
<input type='submit' value='<ENTER>'
</form>
should be
<form action="main.php" METHOD="POST">
Password: <input type='text' name='pass'>
<input type='submit' value='<ENTER>'>
</form>
|
 |
Author | RE: I though I could give it a try... |
Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | |
Thanks for that. So can you hack it?
|
 |
Author | RE: I though I could give it a try... |
Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | |
... No one has posted, anything relevant...
|
 |
Author | RE: I though I could give it a try... |
Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | |
look, you can't just "hack a login box".
you can exploit the underlying code, however.
show us the php source to the page if you're really worried, unless the password is hardcoded into the page, in which case there's really no point.
Afterthought: The only thing I can really see wrong with it is that you're only providing a single key for authentication, which means it could be bruteforced pretty fast.
Edited by on 26-09-07 01:33 |
 |
Author | RE: I though I could give it a try... |
Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | |
I know, I don't really care atm I am just trying to make a login forum for a game (more like cpyher and slavehack) an I was just wondering if any of you could get the hardcoded pass with out bruting. |
 |
Author | RE: I though I could give it a try... |
Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | |
no, not without something like an LFI on the site.
|
 |
Author | RE: I though I could give it a try... |
Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | |
Okay sweet. Does anyone know how to get the database to remember what users exist and then when they click <login> it will check the database and see if credentials exist (Please tell me if you do not understand what I mean, I am not real sure what its called)?
|
 |
Author | RE: I though I could give it a try... |
Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | |
Thanks rico
|
 |
Author | RE: I though I could give it a try... |
richohealey Member

Posts: 1022 Location: #!/usr/local/bin/python
Joined: 01.05.06 Rank: Monster | |
masta_hacks wrote:
Thanks rico
.....wtf?
|
 |
Author | RE: I though I could give it a try... |
Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | |
I think he meant about the link thing mate.
|
 |
Author | RE: I though I could give it a try... |
richohealey Member

Posts: 1022 Location: #!/usr/local/bin/python
Joined: 01.05.06 Rank: Monster | |
ahhh righto... hate to misspell my name....
|
 |
Author | RE: I though I could give it a try... |
Uber0n Member

Posts: 1963 Location: Sweden
Joined: 13.06.06 Rank: Hacker Level 3 | |
masta_hacks wrote:
Does anyone know how to get the database to remember what users exist and then when they click <login> it will check the database and see if credentials exist
I'm no SQL expert, but to learn this you could read any SQL manual 

http://uber0n.web. . . |
 |
Author | RE: I though I could give it a try... |
Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | |
RICO! 
|
 |
Author | RE: I though I could give it a try... |
Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | |
masta_hacks wrote:
Does anyone know how to get the database to remember what users exist and then when they click <login> it will check the database and see if credentials exist (Please tell me if you do not understand what I mean, I am not real sure what its called)?
Google about the basics of a mysql login and such and browse php.net for some ideas You can always PM me for some sample code.
|
 |
Author | RE: I though I could give it a try... |
mido Member

Posts: 613 Location: Cairo, Egypt
Joined: 27.01.07 Rank: Hacker Level 1 | |
It may be better, to validate your code after each update.
Like this, or this.
|
 |
Author | RE: I though I could give it a try... |
Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | |
Not to sound rude or anything, but theres no mysql in the code atm. I am needing some help on that... |
 |
Author | RE: I though I could give it a try... |
spyware Member

Posts: 4192 Location:
Joined: 14.04.07 Rank: God Warn Level: 90
| |
masta_hacks wrote:
Not to sound rude or anything, but theres no mysql in the code atm. I am needing some help on that...
Have you tried the W3schools SQL tutorial, or the google results? If you need help ask specific questions instead of these very basic crappy questions. We ain't google y'know.

"The chowner of property." - Zeph [small]�Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.� - Carl Sagan [center]�Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?� - Ebert[/ce |
 |
Author | RE: I though I could give it a try... |
Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | |
I know, but I do not know what it is called that I am trying to do  |
 |
Author | RE: I though I could give it a try... |
Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | |
its called having a database and using mysql. 
|
 |