I got the part with the login pretty quick, and then the part on the edit news page.
For the database page I think I have to use SQL injection, but I don't know the name of the database file, a file that I think I have to find using the "Files" page, because I see there that the default extension for the file is "CSV", comma-separated values.
This requires that multiple CSV files are in a directory, and so that directory can act as a "database" in which the CSV files are the tables... or have I got this wrong? If I did get it right, then this means that there has to be a *hidden* directory around there. How can I find out if this directory exists? I have tried to download all the "site" but this didn't help.
I've tried the " %00 " on the files page also, hoping to strip down the extensions (I know that PHP won't interpret anything after %00, so this should have removed the ".csv" part (possible vulnerability)), but this didn't work either.
Something interesting is on the delete account page. The parameters are passed with " && " between them, not just " & " , so I guess this is a clue, but I didn't find anything about it on Google, so please help me a little bit here.
I would appreciate some guidelines about this one, as well as some articles to read.
I'm sorry mate, but in the Chrome web browser, %00 is not working. So for everyone out there who wants to get rid of the ".csv" and can't do it in Chrome, just switch to Mozilla.
If only I knew this a few hours ago
It's the final CountDowN
Hellbound Hackers is the collective work of the staff and the community and is therefore licensed under the CC BY-NC-SA license.