Mutillidae: Born to be Hacked
|
|
|
|
Site hacked...err...quality-tested with Samurai WTF, Backtrack, Firefox, Burp-Suite, Netcat, and
these Mozilla Add-ons
Developed by Adrian " Irongeek" Crenshaw and Jeremy Druin |
Login
|
- For SSL Injection:The old "' or 1=1 -- " is a classic, but there are others. Check out who
you are logged in as after you do the injection.
- For Session and Authentication:As for playing with sessions, try a
cookie editor
to change your UID.
- For Insecure Authentication:Try sniffing the traffic with Wireshark, Cain, Dsniff or Ettercap.
- Some code contains naive protections such as limiting the width of HTML fields.
If your If you find that you need more room, try using a tool like Firebug to
change the size of the field to be as long as you like. As you advance,
try using tools like netcat to make your own POST requests without having
to use the login web page at all.
- You can use the login page normally but then simply change the parameters is Tamper Data.
Because Tamper Data is allowing the user to manipulate the request after the request has
left the browser, any HTML or JavaScript has already run and is completely useless as a
security measure. Any use of HTML or JavaScript for security purposes is useless anyway.
Some developers still fail to recognize this fact to this day.
-
Try SQL injection probing by entering single-quotes, double-quotes,
paranthesis, double-dash (--), hyphen-asterik (/*), and
closing-parenthesis-hyphen-hyphen ()--)
|
|
Back