Istrancis

Website hacking

28 posts in this topic

hello, I was learning a little about website security and run into that example(it is a password box):
<form action="?turengdel=10905" method="post" name="form">

<table border="0" cellspacing="0" cellpadding="0" style="border: 0px;" align="center">

on the other examples there were a URL or something like that instead of ?turengdel=10905. What is it? And can it lead to the password file?

The form will go to http://whateverwebsite.com/?turengdel=10905 and send the data from the form.

However, the website which source I am looking at, has the URL http://whateverwebsite.com/?turengdel=10905. This means like the data(password) inserted into form is compared with something in that website where the form is?

0

Share this post


Link to post
Share on other sites

I would totally start at hackthissite because it teaches the fundamentals, let you try em out, and work on harder things like the realistic missions. Although there are hardly any websites out there anymore that can be hacked exactly this way, you can try. But the first thing is the site has to have some scripts, php, perl scripts, etc. Those can be exploited thus giving you what you want. I enjoy hackthissite just for the fun of it. Try it out. I made a site with guides to most of them if you need it; but be warned...my site is hardly EVER up. Sadly. It's cuz I'm hosting it right from my comp...im not always on <_<htshelp.gotdns.com

If it's a simple website with no exploitable scripts, etc. try learning how to hack the computer server, not the apache server "site". You can get started all over the web, like the first thing a newbie would want to learn: telnet.

Edited by thepcdude
0

Share this post


Link to post
Share on other sites
hello, I was learning a little about website security and run into that example(it is a password box):
<form action="?turengdel=10905" method="post" name="form">

<table border="0" cellspacing="0" cellpadding="0" style="border: 0px;" align="center">

on the other examples there were a URL or something like that instead of ?turengdel=10905. What is it? And can it lead to the password file?

The form will go to http://whateverwebsite.com/?turengdel=10905 and send the data from the form.

However, the website which source I am looking at, has the URL http://whateverwebsite.com/?turengdel=10905. This means like the data(password) inserted into form is compared with something in that website where the form is?

It means that page contains the script which does the password checking. This action is going to be performed on the server, before the page reaches you. So sorry to tell you but that information will not be instrumental in securing the password file.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now