POST Practice
40 points Medium

This website requires authentication, via POST. However, it seems as if someone has defaced our site. Maybe there is still some way to authenticate? http://165.227.106.113/post.php

Flag
Rating 4.44
5
4
3
2
1

Discussion

dead ?

0

use cmd line tools :)

0

I was rather easy

0

I dont get it I'm using postman to send a POST with the paramaters for username and password but it just keeps sending back the source code. What POST data am I missing to submit?

0

I dont get it I'm using postman to send a POST with the paramaters for username and password but it just keeps sending back the source code.

0

I'm LOST, please help me, I'm new to this and have no idea what I'm doing

0

ok, I'm brand new to this and I'm either lucky as hell or normal lucky? I opened the source code and ctrl f typed password see what shows up, two lines shows up with curl and ones has find it for the password and the other has what seemingly is a password. one has .x for the ip other has .113 so I took the one with the "real" password and replaced the .x with the .113 and entered it into my VM and it worked... I solved it... but I have no idea what curl does or how it works. I just used random thoughts in my head that sprung from the super liquid I drank this morning? (water) thoughts?

0

Use inspect element for the credentials .

0

it was fun

0

Use this command curl "http://165.227.106.x/post.php" -d "username=admin&password=71urlkufpsdnlkadsf"

0

how?

0

Just use -X and -d flags in curl, its rather easy took 10 sec

0