Tuesday, 14 October 2014
NUS SoC Hacking Challenge 3 - Manipulate Me
Challenge 3 - Manipulate Me.
Similar like Level 1, you are tasked to enter a valid Username and Password and see if you can get access to Level 4.
So that's precisely what i did, putting the valid Username and Password from Level 1 and click Login.
However, when i clicked Login, this was the page i was directed. Notice the URL that directed me to a page called 'Gem.php'. Yet i need to reach to a level called Narda.
So when i manipulate the Gem.php to Narda.php, another message came. 'Not yet There'. Hmmm.... so the idea was there but i couldn't reach there yet.
So after so many hours spent, trial and errors made, using Burpsuite, i had to observe the HTTP response and intercept it and analyze the whats going out and whats coming in. So when i noticed that 2 values in the GET response that seemed to be suspiciously involved in this, i again test my luck and manipulate the Narda = false to Narda = true and instead of challenges/3/Gem.php, i manipulated it to challenges/3/Narda.php and click Forward.
Once that manipulation was made, i noticed the next response that i intercepted was the GET response, and instead of getting me back to challenges/3/, it directed me to challenges/4/.... Hell YEAH!!! Level 3 - Conquered!
Next Stop - Level 4
I have to be honest, that i spent over 24 hours trying to figure out how to pass this level. I tried XSS, SQL injection and many other ways including running a scan to find anything that i missed. But when everything else fails, you know you just need to keep trying and i kept telling myself...its bloody Level 3! It shouldn't be that tough. And my determination paid off... and yes, now that you've seen how i did it, its not that hard right?