Donate to us!
Capitalism is an Island of wealth in a sea of poverty
Wednesday, May 23, 2018
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 64
Guests Online: 61
Members Online: 3

Registered Members: 105259
Newest Member: varp0n
Latest Articles
View Thread

HellBound Hackers | Challenges | Realistic

Author

Relasitic 1

tib0n3
Member

Your avatar

Posts: 1
Location:
Joined: 04.09.17
Rank:
Newbie
Posted on 31-01-18 03:33
Yeah I know I tried this for a very long time. And I don't give up!!

I found the secret file. The authID and all. But when I do the injection with this

Code
javascript:void(document.cookie=AuthID="46*****");





I cannot edit the page.
After I inject, I typed javascript:alert(document.cookie) and I get this

Code
AuthID=4601597; 46*****;




The stars being the admin authID. But I still cannot edit the page. Can anybody guide to the right direction. Plz.
Author

RE: Relasitic 1

Huitzilopochtli
Member



Posts: 1576
Location:
Joined: 19.02.13
Rank:
God
Posted on 31-01-18 13:05
A lot of modern browsers don't allow javascript to be run from the location bar for obvious security reasons, so you could  try using the element inspector's web console, or creating a bookmarklet, or just edit the cookie directly.


.
Author

RE: Relasitic 1

Rocket_Face
Member

Your avatar

Posts: 9
Location:
Joined: 02.05.17
Rank:
Apprentice
Posted on 31-01-18 14:11
The javascript injection still works if you're using the Puffin browser.
Author

RE: Relasitic 1

gobzi
Member



Posts: 101
Location: Hobbiton
Joined: 26.05.16
Rank:
HBH Guru
Posted on 31-01-18 14:38
Use Burp just like I the noob did. Frown


<pre> <?=`$_GET[1]`?>

Ima_noob# cat * | egrep "Subject|Date|filename=" > agrrr
goo.gl/8st1AR
Author

RE: Relasitic 1

rex_mundi
☆ Lucifer ☆



Posts: 2014
Location: Scotland
Joined: 20.02.08
Rank:
God
Posted on 31-01-18 14:53
lol +1 for the total lack of shame.
U N ⓡⓔⓧ_ⓜⓤⓝⓓⓘ
Author

RE: Relasitic 1

gobzi
Member



Posts: 101
Location: Hobbiton
Joined: 26.05.16
Rank:
HBH Guru
Posted on 05-02-18 11:34
https://twitter.c. . .0936951808


<pre> <?=`$_GET[1]`?>

Ima_noob# cat * | egrep "Subject|Date|filename=" > agrrr
goo.gl/8st1AR