Realistic 8
Realistic 8
ghost | 10774 Reads | Realistic 8
This is a guide on how to complete Realistic Challenge 8
Okay i read another article on this challenge which had some code and spoke about cURL and php etc… That isn’t the only way you can complete this challenge.
I recommend you Google Buffer Overflow for more information.
Buffer overflow:- Buffer overflows may cause a process to crash or produce incorrect results. They can be triggered by inputs specifically designed to execute malicious code or to make the program operate in an unintended way. As such, buffer overflows cause many software vulnerabilities and form the basis of many exploits. Sufficient bounds checking by either the programmer or the compiler can prevent buffer overflows. Wikipedia
In a scenario like this one, to determine if it is buffer overflow vulnerable then you would put in the correct username, a random password. Hit enter and it will say invalid password. Now you keep refreshing as fast as possible, (Hint// using firefox hitting F5 then enter works a treat)
Once you have promptly refreshed the page about 20 something times then the data is corrupted and it goes in your favour. Now you are logged in, time to complete the rest of the challenge.
Please comment and rate this article Feel free to PM if you need extra help
The_Flash
ghost 15 years ago
Good article but I think you gave away to much. You basically give a step by step on how to completed this. To much of a spoiler but it is a better way then the brute force. I figured it out because I was testing XSS and SQL injection on the form and just entered in to much data.