Uncle Arnold’s Local Band Review: HackThisSite - Challenge -

Uncle Arnold’s Local Band Review: HackThisSite - Challenge - - Realistic

HackThisSite Playlist:

Of course why not?

I should help my friend so how am I gonna hack this site?

First I rewied the source code:

Imposing Republic
<form action="v.php" method="get">
   <input type="hidden" name="PHPSESSID" value="abcaeadfc31a5c43b2534bf995c0553f" />
   <input type="hidden" name="id" value="4" />
   <select name="vote">
    <option value="1">1</option>
    <option value="2">2</option>

Every band had different values I first thought it was the factor deciding the rank but it was not.

The only functionality was the voting feature but it didn’t made any change to the rating, so I intercepted the request:

It was a GET request, interesting.

I changed it to POST and change the number of votes to 25.

And it worked my friend's band is the most rated on the list now.

Comments

Bug Boundy Methodology, Tools & Resources

Start by defining a clear objective, such as exploiting a remote code execution (RCE) vulnerability or bypassing authentication on your target. Then, consider how you can achieve this goal using various attack vectors like XSS, SSRF, or others - these are simply tools to help you reach your objective. Use the target as how a normal user would, while browsing keep these questions in mind: 1)How does the app pass data? 2)How/where does the app talk about users? 3)Does the app have multi-tenancy or user levels? 4)Does the app have a unique threat model? 5)Has there been past security research & vulnerabilities? 6)How does the app handle XSS, CSRF, and code injection?

Install & set up mitmweb or mitmproxy in Linux

Step 1: Go to the mitmproxy page and download the binaries. Step 2: Install the downloaded tar file with the command " tar -xzf <filename>.tar.gz " Step 3: In the FoxyProxy add the proxy 127.0.0.1:8080 and turn it on. Step 4 : In the terminal run command " ./mitmweb " Step 5: Go to the page http://mitm.it/ and download the mitmproxy's Certificate. Step 6: If you downloaded the certificate for Firefox, then go to " settings -> Privacy & Security -> Click View Certificates -> Click Import ", then import the certificate. Step 7: Now you are ready to capture the web traffic. Step 8 : In terminal run " ./mitmweb"

Making CHIP-8 emulator in C

Chip8 doc link | Components | Opcode Table GitHub - AdithyakrishnaV/Chip8_Emulator--Interpreter Contribute to AdithyakrishnaV/Chip8_Emulator--Interpreter development by creating an account on GitHub. github.com CHIP-8 programs are binary files, and your emulator must read them and operate on the bytes. You will also need a way to draw graphics to the screen and read keypresses. Many graphical libraries can do this for you or use something like SDL directly. CHIP-8 components Display 64 pixels wide and 32 pixels tall. Each pixel is a boolean value, or a bit; can be on or off (“off” pixel was just black, and “on” was white). We’ll use SDL for rendering: SDL initialization Not initialize:- returns -1 Error message is stored in SDL_GetError Initializing SDL if (SDL_Init(SDL_INIT_VIDEO)!= 0 ){ printf ( "SDL not initialized,%s\n" , SDL_GetError); exit (- 1 ); } Initialize display SDL_Window * window = SDL_CreateWindow ( "chip8" , SDL_WINDOWPOS_CENTERED , SDL_...

Hack Your Way Out

Search This Blog

Click Here To See All BLOGS