Click here: LEVEL 1
I remember that here I write SPOILERS!
I RECOMMEND to win the level alone, using also Google for Theory of arguments
Here
our target is to increase the average rating of Raging Inferno band.
We have two ways:
1- Use Firebug (or similar) and go to part of code where there is last "vote" bottom and the scores.
Change value of, for example, 5... So:
After this, choose 5 points and click on bottom "vote"!
2- Let's use JavaScript code.
We type on url bar this JavaScript code:
javascript:void(document.forms[4].vote[0].value="1000");alert(document.forms[4].vote[0].value);
In this way, we say it that it must edit the point 1 in 1000 point. So, when we run JavaScript code, then we vote for 1 point!
WHY DOES IT HAPPEN?
- The reason this attack works is that the value you have altered and sent was not being checked on the server side e.g. there was no statement like this:
if($_POST("voteVal") < 1 || $_POST("voteVal") > 5)
handleError();
- It is extremely important that form values are checked both client and server side. However, as you have just seen it is more important to check them server side to make sure the value isn't just executed with the code. The need to check client-side is more of an efficiency method so that genuine-bad input (accidental input) does not take up server resources by handling http requests. You will see how important this really is when we come to do SQL Injections.
- The other method I spoke of was to save the web page locally to your machine and then alter the form values within the HTML.
===============> HTS: Realistic Mission 2
Nessun commento:
Posta un commento