| Author | I though I could give it a try... |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
Well I had problems finding people who could help at all. So I am back, I coded my own php script this time. Looks nothing like fusion because it is NOT, just look at it. Elite Hacks I was also wondering if anyone could hack the login box (hit enter to get to it), if you can please tell me how.
[[Richo fixed url tag]]
Edited by richohealey on 26-09-07 01:33 |
 |
| Author | RE: I though I could give it a try... |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
yeah just so you know your missing a '>' in your form
Code
<form action="main.php" METHOD="POST">
Password: <input type='text' name='pass'>
<input type='submit' value='<ENTER>'
</form>
should be
<form action="main.php" METHOD="POST">
Password: <input type='text' name='pass'>
<input type='submit' value='<ENTER>'>
</form>
|
|
|
| Author | RE: I though I could give it a try... |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
Thanks for that. So can you hack it?
|
|
|
| Author | RE: I though I could give it a try... |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
... No one has posted, anything relevant...
|
|
|
| Author | RE: I though I could give it a try... |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
look, you can't just "hack a login box".
you can exploit the underlying code, however.
show us the php source to the page if you're really worried, unless the password is hardcoded into the page, in which case there's really no point.
Afterthought: The only thing I can really see wrong with it is that you're only providing a single key for authentication, which means it could be bruteforced pretty fast.
Edited by on 26-09-07 01:33 |
|
|
| Author | RE: I though I could give it a try... |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
| I know, I don't really care atm I am just trying to make a login forum for a game (more like cpyher and slavehack) an I was just wondering if any of you could get the hardcoded pass with out bruting. |
|
|
| Author | RE: I though I could give it a try... |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
no, not without something like an LFI on the site.
|
|
|
| Author | RE: I though I could give it a try... |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
Okay sweet. Does anyone know how to get the database to remember what users exist and then when they click <login> it will check the database and see if credentials exist (Please tell me if you do not understand what I mean, I am not real sure what its called)?
|
|
|
| Author | RE: I though I could give it a try... |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
Thanks rico
|
|
|
| Author | RE: I though I could give it a try... |
richohealey
Member
Posts: 1022
Location: #!/usr/local/bin/python
Joined: 01.05.06
Rank: Monster | |
masta_hacks wrote:
Thanks rico
.....wtf?
|
   |
| Author | RE: I though I could give it a try... |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
I think he meant about the link thing mate.
|
|
|
| Author | RE: I though I could give it a try... |
richohealey
Member
Posts: 1022
Location: #!/usr/local/bin/python
Joined: 01.05.06
Rank: Monster | |
ahhh righto... hate to misspell my name....
|
|
|
| Author | RE: I though I could give it a try... |
Uber0n
Member
Posts: 1963
Location: Sweden
Joined: 13.06.06
Rank: Hacker Level 3 | |
masta_hacks wrote:
Does anyone know how to get the database to remember what users exist and then when they click <login> it will check the database and see if credentials exist
I'm no SQL expert, but to learn this you could read any SQL manual 
http://uber0n.web. . . |
|
|
| Author | RE: I though I could give it a try... |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
RICO! 
|
|
|
| Author | RE: I though I could give it a try... |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
masta_hacks wrote:
Does anyone know how to get the database to remember what users exist and then when they click <login> it will check the database and see if credentials exist (Please tell me if you do not understand what I mean, I am not real sure what its called)?
Google about the basics of a mysql login and such and browse php.net for some ideas You can always PM me for some sample code.
|
|
|
| Author | RE: I though I could give it a try... |
mido
Member
Posts: 613
Location: Cairo, Egypt
Joined: 27.01.07
Rank: Monster | |
It may be better, to validate your code after each update.
Like this, or this.
|
|
|
| Author | RE: I though I could give it a try... |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
| Not to sound rude or anything, but theres no mysql in the code atm. I am needing some help on that... |
|
|
| Author | RE: I though I could give it a try... |
spyware
Member
Posts: 4192
Location: The Netherlands
Joined: 14.04.07
Rank: God
Warn Level: 90
| |
masta_hacks wrote:
Not to sound rude or anything, but theres no mysql in the code atm. I am needing some help on that...
Have you tried the W3schools SQL tutorial, or the google results? If you need help ask specific questions instead of these very basic crappy questions. We ain't google y'know.
"The chowner of property." - Zeph [small]“Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.” - Carl Sagan “Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?” - Ebert [/s |
|
|
| Author | RE: I though I could give it a try... |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
I know, but I do not know what it is called that I am trying to do  |
|
|
| Author | RE: I though I could give it a try... |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
its called having a database and using mysql. 
|
|
|
Main:
