2012 the third session of Xidian University network attack and Defense competition and network infiltration part of the clearance scheme V2.0

Source: Internet
Author: User

2012 the third session of the Xidian University network attack

Competition and network penetration part of the Customs Clearance program

V2.0

Southern Sword

Cyberpolice

Http://weibo.com/nanguojian

Objective:

This competition by the West Electricity Information Security Association host official site: https://csc.xdsec.org

10.1-10.15 Day. The registration period expires on October 10. Please allocate time reasonably for the participating team. --xdsec

0x000

First off: Local off JavaScript to view the Web page source, the arrow refers to the part of the encryption part of the hexadecimal encryption

The decryption was key:f1rstpa5skey.

0x001

Second off local intercept view packets know that a cookie needs to be decrypted

Visual for hex encryption decrypted (zzbozxhuzg8wcm==), this is not the final result, judged as Base64 encryption, through Base64 decryption learned for g0nextdo0r

Get the final cookie value modify the local cookie submission to log into the system.

0x002

The third is

Modify head Content-language:en as prompted

Resubmit, enter system to get key

0X003

The four-off for the hint please login needs to log in to view locally intercepted packets

Attempt to change cookie admin=0 to Admin=1, login successfully

0x004

Five for a login page, enter the password box, need to crack

Check the bottom of the source code, you can find the password dictionary

Download it, load into the hack tool run password

0x005

The six-off estimate is to look for access data, based on tips <!--tips:conn.inc-->

?? Need further analysis!!

0x006

Seventh off is based on the exported Sam crack password

H4CKER:1004:C4FB857DAAF137F088BE239044A684C5:4708EEA5CCA17F195EE8EACA40153F5B:::

Run your own Rainbow watch.

Result is

71dd0709187df68befd20973fc23f973

4708eea5cca17f195ee8eaca40153f5b

0x007

Eighth off a login box, bypassing logging in

Account number is admin ' or ' = ' or '/**

Password: Random input

You can log in. Visual inspection for Dvwa Vulnerability Walkthrough environment;

0x008

The key is to get the clear text password for admin at the Nineth off prompt.

Inject bypass get admin password

Have

N1md4

0x009

Tenth close a PHP file, you need to intercept the local 00 truncation modify the packet before uploading the success

The answer is then back to a key;

2012 the third session of Xidian University network attack and Defense competition and network infiltration part of the clearance scheme V2.0

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.