Uh oh. Looks like your using an ad blocker.
Our site is support by ads that help to pay our hosting costs. Please disable or whitelist us within your ad blocker to help us keep the site online.
All money generate by ads and donations is used to pay the hosting costs of the site.
View Thread
| Author | Injection Help |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | | Hi there,
I'm new to this site, but from what I have gathered it's a pretty nice community. I am not an idiot, but my coding skills are somewhat lacking.
Anywho, I'm trying to 'hack' this thing for various reasons, but anyway ~ it's called Facility ePortal, and its made by a company called Serco.
Its a registering and database system for schools. Here is an example log in page (found from a Google Search, and not my own school):
http://www.taw.org.uk/taw900eportal/index.jsp
After a failed log in, the page turns to this:
http://www.taw.org.uk/taw900eportal/PortalServ?reqtype=login
You can alter the bit on the end from login, to whatever you want and it'll echo it back, so doing something basic like this will work:
http://www.taw.org.uk/taw900eportal/PortalServ?reqtype=<script>alert("Hello HBH")</script>
Now I'm pretty sure that's a bloody major flaw.
I'd like to gain access to an account, make a new one, or gain access to the database. I'm not sure how to proceed to be honest. I've found some things that look exploitable, but if you could help me further, that'd be great.
Code AdminLogin.location = "/taw900eportal/PortalServ?reqtype=loginoutput&showlog=false";
That was in the source code of the page.
There is also a value that is submitted with the page:
Code <input id="ssobypass" name="ssobypass">
Not sure what that is, but it could help.
Any advice or help you could give me would be appreciated.
Thanks very much,
Gav |
 |
| Author | RE: Injection Help | ap101
Member
Posts: 19
Location: Unknown
Joined: 14.06.07
Rank: Guest | | instead of a flame, i will tell you the following:
google
use it
One question makes and stops progress,
What if?
 |
  |
| Author | RE: Injection Help |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | | you can try the OR 1=1 or AND 1=1 to check if its vulnerable. but i think this sites are pretty much secured...
| |
|
| Author | RE: Injection Help |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | | Did you ever read the forum rules?
http://www.hellbo. . .189_0.html
| |
|
| Author | RE: Injection Help |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | | Legal rules:
- do not post links to sites you have hacked / intend to hack
- do not ask help for hacking sites you have posted a link to
| |
|
| Author | RE: Injection Help |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | | Read forums first.
Been there, done that - Got the screenshot.
| |
|
|
