Header-Bar

July 8, 2012

Try This 0ne - What Do You Mean?!

Hello again (:

Well after trying to solve the first one, I've decided to continue for one more shot.
I've chosen the 'What Do You Mean?!' Challenge. So let's start.

Let's first focus on the instructions and than I'll post a few hints.
The first instruction is that in order to get to the pwd.php file we need to first visit the Login.php Well it is true from a certain perspective...
Let's click on the Login and see what's going on at the next section of the challenge.
Well, we can see a default Login page... Hmm no hints.
Check the source...   Nothing ahh...
O.k so let's take the Trail & Error method.

Try to Login with some credentials of your choice. Mmmm.. seems like an error...
The user and pass are not true. Try a few more times to see if the same error is being reflected.
O.k let's try to inject SQL scripts like user:  "aaa'+or+'1'='1"
Maybe it will lead us to discover a bypass. Nothing?!? Damn what's now?

Another way to bypass it is to force the page to open.. Simply write the name of the page in the
URI -> TryThis0ne.com/levels/...../pwd.php
Now we have another error.. something like "You can access this page only through the TARGET.php"

Great Hint!!
So now we understood that we do not need to be redirected to the pwd.php through the Login page!
How do we convince the browser that we're 'coming' from the Target.php?
This is a bit more complex and you'll need to learn about Web Proxy in order to solve this one.
So go to my Web Proxy thread and read all three of them! follow the instructions because you'll need them any way... If not now than later on.
O.k so after you've became a Web Proxy Gurus, I can allow myself to reveal my last hint.
In order to solve this 0ne, you have only 1 more step. The step is about making the browser think that you've been redirected from the target.php
Look for information about redirecting betwin pages and who is the header resposible for that.
Fill up it's value with the page you need to come from.

That's it, more than that is just reveal the answer Lol Enjoy!
created by the at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)