Penetration testing 2 - need few guidelines please *POSSIBLE SPOILER*
Uh oh. Looks like your using an ad blocker.
Our site is support by ads that help to pay our hosting costs. Please disable or whitelist us within your ad blocker to help us keep the site online.
All money generate by ads and donations is used to pay the hosting costs of the site, for more information about our income and expenses please see our donation page.
I got the part with the login pretty quick, and then the part on the edit news page. for the database page i think i have to use sql injection, but i don't know the name of the database file, file that i think i have to find using the "Files" page because i see there that the default extension for the file is "CSV", comma separated values. This requires that multiple CSV files are in a directory, and so that directory can act as a "database" in which the CSV files are the tables.. or have i got this wrong? if I did get it right, then this means that there has to be a hidden directory around there. How can i find out if this directory exists? I have tried to download all the "site" but this didn't help. I've tried the " %00 " on the files page also, hoping to strip down the extensions ( I know that php won't interpret anything after %00, so this should have removed the ".csv" part (possible vulnerability), but this didn't work either. Something interesting is on the delete account page. The parameters are passed with " && " between them, not just " & " , so I guess this is a clue, but I didn't find anything about it on Google, so please help me a little bit here.
I would appreciate some guidelines about this one, as well as some articles to read. Thank you
I'm sorry mate, but in Chrome web browser, %00 is not working. So for everyone out there that want to get rid of the ".csv" and can't do it in chrome, just switch to Mozilla If only I knew this a few hours ago :D