27 replies to this topic

[Istrancis]

So how do you do that sorta stuff?

[jabzor]

But it asks for username and Password After Anonymous log in

user / pwd overflow and sploits,
all depends on the server.. people must learn to google and read texts.. come on

[Koharski]

hacking a website is not the same thing every time. One time you might use SQL injection, but another time you could be doing something completely different.

[m4rtin]

hello, I was learning a little about website security and run into that example(it is a password box):

<form action="?turengdel=10905" method="post" name="form">
<table border="0" cellspacing="0" cellpadding="0" style="border: 0px;" align="center">

on the other examples there were a URL or something like that instead of ?turengdel=10905. What is it? And can it lead to the password file?

[WhatChout]

hello, I was learning a little about website security and run into that example(it is a password box):

<form action="?turengdel=10905" method="post" name="form">
<table border="0" cellspacing="0" cellpadding="0" style="border: 0px;" align="center">

on the other examples there were a URL or something like that instead of ?turengdel=10905. What is it? And can it lead to the password file?

The form will go to http://whateverwebsi...turengdel=10905 and send the data from the form.

[m4rtin]

hello, I was learning a little about website security and run into that example(it is a password box):

<form action="?turengdel=10905" method="post" name="form">
<table border="0" cellspacing="0" cellpadding="0" style="border: 0px;" align="center">

on the other examples there were a URL or something like that instead of ?turengdel=10905. What is it? And can it lead to the password file?

The form will go to http://whateverwebsi...turengdel=10905 and send the data from the form.

However, the website which source I am looking at, has the URL http://whateverwebsi...turengdel=10905. This means like the data(password) inserted into form is compared with something in that website where the form is?

[thepcdude]

I would totally start at hackthissite because it teaches the fundamentals, let you try em out, and work on harder things like the realistic missions. Although there are hardly any websites out there anymore that can be hacked exactly this way, you can try. But the first thing is the site has to have some scripts, php, perl scripts, etc. Those can be exploited thus giving you what you want. I enjoy hackthissite just for the fun of it. Try it out. I made a site with guides to most of them if you need it; but be warned...my site is hardly EVER up. Sadly. It's cuz I'm hosting it right from my comp...im not always on htshelp.gotdns.com
If it's a simple website with no exploitable scripts, etc. try learning how to hack the computer server, not the apache server "site". You can get started all over the web, like the first thing a newbie would want to learn: telnet.

Edited by thepcdude, 06 June 2007 - 08:51 PM.

[intimidat0r]

hello, I was learning a little about website security and run into that example(it is a password box):

<form action="?turengdel=10905" method="post" name="form">
<table border="0" cellspacing="0" cellpadding="0" style="border: 0px;" align="center">

on the other examples there were a URL or something like that instead of ?turengdel=10905. What is it? And can it lead to the password file?

The form will go to http://whateverwebsi...turengdel=10905 and send the data from the form.

However, the website which source I am looking at, has the URL http://whateverwebsi...turengdel=10905. This means like the data(password) inserted into form is compared with something in that website where the form is?

It means that page contains the script which does the password checking. This action is going to be performed on the server, before the page reaches you. So sorry to tell you but that information will not be instrumental in securing the password file.