Posted on 03-09-2008
Filed Under (pentesting) by admin

I came up with this pwn3d zit3 login form challenge to kind of expose one of the many web application vulnerabilities. It consists of a login form which authenticates against a MySQL backend database to give authorized access to the members-only part of the web site (you must become a member first -> "REGISTER"). The goal is to log in with full administrator rights and get the users list data stored in the MySQL database. If you need help or a hint on how to come up with the goods, use the comments form at the end of the page. Hope you find it interesting.
here’s the link to th3 pwn3d zit3 login form challenge

hint #1: the vuln is in the way the cookie is set….take a look at the content of the cookie.
hint #2: read the login page for additional clues.

the complete site is now finished and it contains different vulnerabilities; you can find it here


Comments

asd on 6 September, 2008 at 2:10 pm #

lol way too easy done in under 2 minutes


Bull on 6 September, 2008 at 8:17 pm #

Didn’t even look at the cookie. Just used a basic SQL injection. Was that the intended way to get into the admin account?


admin on 7 September, 2008 at 8:40 am #

Bull, no, it wasn’t intended to be a SQL injection hack, although it is a test site and SQL injection is one of the vulns. I just wanted to expose a vuln in the way the cookie is set… On a side note, the cookie and SQL injection are not the only vulns


admin on 7 September, 2008 at 8:56 am #

I have deleted some of the posts as they contain the users list and one of those users was the administrator’s and I want to give everyone a chance


ArrexD on 17 September, 2008 at 11:05 am #

Admin, only i can do with the cookie? without extern program?


admin on 17 September, 2008 at 11:33 am #

ArrexD, don’t understand your question, but if you’re trying to solve the challenge… notice the cookie is set in the form of a hash, also read the login page for more clues


admin on 17 September, 2008 at 11:35 am #

by the way you don’t need to install any additional program… if you’re using firefox, all you need is a couple of add-ons


j-sim on 17 September, 2008 at 12:06 pm #

I use cookie editor in firefox… wasn’t that difficult. Good Challenge though!


arrexD on 17 September, 2008 at 12:09 pm #

Sorry for my bad english.
i am nw in this xD
so, i must To modify Hash? for login in Admin mode?


ft-22 on 17 September, 2008 at 2:06 pm #

reverse the hash, so you know what it is, then find the hash that would give you “admin” access… I think it is clear enough


SS on 2 January, 2009 at 8:14 pm #

This was nice. Are there more that I could try? It took me quite a while to figure this one out though. But in the end can’t believe how straightforward it really is.


wabisu on 3 June, 2009 at 8:49 am #

I’m a college student and am having trouble.. I’m using Tamper data for firefox, and I have the cookie, but I don’t really know what to do with it..


JV on 3 June, 2009 at 11:58 am #

wabisu reverse the hash…


Grauwulf on 4 June, 2009 at 7:11 am #

ss; I’m with you I spent 10 minutes trying to be all super clever and then I actually “looked” at the problem… voila! Not terribly practical as the security is _so_ weak but a good exercise even so.
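
The weakness the hints and comments describe, an authorization cookie that is only a hash of guessable data, shown from the server's side next to a keyed alternative. This is an added example, not the challenge site's code: the page never states the hash algorithm or what is hashed, so MD5 over a role name, the `username|role|tag` cookie layout and all function names are assumptions.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Assumption: MD5 over a role name stands in for the site's unstated scheme;
# any unkeyed hash of guessable input behaves the same way.
def weak_issue(role: str) -> str:
    """Weak scheme: the cookie value is just an unkeyed hash of the role."""
    return hashlib.md5(role.encode()).hexdigest()

def weak_role(cookie: str, roles=("user", "admin")) -> Optional[str]:
    """Server side of the weak scheme: match the cookie against known hashes."""
    for role in roles:
        if cookie == weak_issue(role):
            return role
    return None

SERVER_KEY = secrets.token_bytes(32)  # constructed key; never leaves the server

def _tag(payload: str, key: bytes) -> str:
    return hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()

def signed_issue(username: str, role: str, key: bytes = SERVER_KEY) -> str:
    """Hardened scheme: payload plus an HMAC-SHA256 tag under a server key."""
    payload = f"{username}|{role}"
    return f"{payload}|{_tag(payload, key)}"

def signed_role(cookie: str, key: bytes = SERVER_KEY) -> Optional[str]:
    """Return the role only if the tag verifies; reject anything malformed."""
    try:
        username, role, tag = cookie.split("|")
    except ValueError:
        return None
    expected = _tag(f"{username}|{role}", key)
    return role if hmac.compare_digest(tag.encode(), expected.encode()) else None

def demo() -> dict:
    # No secret is involved, so a value computed outside the server is accepted.
    client_made = hashlib.md5(b"admin").hexdigest()
    good = signed_issue("alice", "user")  # constructed sample account
    # Changing the role while keeping the old tag must fail verification.
    name, _, tag = good.split("|")
    tampered = f"{name}|admin|{tag}"
    return {
        "weak_accepts_client_value": weak_role(client_made),
        "signed_accepts_original": signed_role(good),
        "signed_accepts_tampered": signed_role(tampered),
    }

if __name__ == "__main__":
    print(demo())
```

Keeping the role in server-side session state and sending only a random session identifier removes the client-held role entirely.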