webhacking.kr - 0ldzombie challenge writeup 5
0ldzombie has a great collection of Webhacking challenges
which ranges from very basic ones to some very advanced attacks. We really enjoyed playing the challenges and here are the writeups.
Well, the last challenge was pretty easy and I was dissapointed since it was not very challenging. And I had a feeling that next one will be awesome and fortunately, it is !
I am putting up the write up so that if you are not able to complete the challenges after trying for awhile, you can refer to the solution to see how I did it. Please don’t look into the solution before you try out the challenges by yourself.
Well, when you open this challenge, the first thing you see is a login page and a join page. As always I looked into the source code and saw that the login is redirected to
mem/login.php and if we click on join, it says access denied. Also, if we try to login to the page, it says we need to login as admin. So obviously something is fishy about the join.php right ? Also I assumed that since login.php is redicrected to mem/login.php, I directly tried to go to
Well, good looking code isn’t it ? Here, the main things comes in the last
if loop. It is always giving -1 and for that matter the condition is always exiting with a message access_denied. So what to do ? I simply copy pasted the else part to the console and executed in the context of that page and there, I saw the box to signup with a password. So I immideatly tried to signup for the name admin but it failed since admin already existed. So I tried to make something really near to admin line admin + a blank space so in total it becomes 6 characters but are very close to the name admin.
The challenge was fun but a bit weird too. So how did you solve it ? If you solved the challenge in an easier way, do let me know. Let us share and learn :)