Challenge: Credit Card Challenge Pwned! Help Board Go to the Credit Card Challenge Pwned! challenge
Global Rank: 172
Totalscore: 115510
Posts: 166
Thanks: 164
UpVotes: 121
Registered: 16y 261d
Last Seen: 1y 71d
The User is Offline
Challenge: Credit Card Challenge Pwned! Help Board
Sep 03, 2009 - 07:22:07 (15y 71d)
Sep 03, 2009 - 07:22:07 (15y 71d)
This challenge is an offline challenge. This means you need a working
apache + mysql + php environment to solve this challenge. The checking
of the solutions is offline as well. I hate it, but can't do any
application which could check every solution properly. If anyone
has any idea for an online solution checker, let me know
If you have no apache + mysql + php environment, I suggest to use xampp on
Windows and Linux, and mamp on Mac. After downloading them you can setup a
working environment in minutes. But solving the challenge needs some more
time. Start mysql, open a command window, cd xampp/mysql/bin, run mysql.exe
with mysql -u root (-p if you have set already password)
Copy pastable SQL commands (please see comments below):
---------------------------------------------------------------------------
-
Comments:
First you have to setup an admin password for mysql, then login to it with
> mysql -u root -p
after that create a user with:
> create user 'www-user2'@'localhost' identified by 'secure_password12';
and create a database with
> create database test;
change database:
> use test;
create table:
> create table not_important_table (id int, name varchar(500));
and insert a row into it :
> insert into not_important_table values(1,'test');
create the credit card table and insert some data
> create table credit_card(id int, cc_number biginteger,cvv integer);
> insert into credit_card values(1,1111222233334444,321);
> insert into credit_card values(2,1234567890123245,963);
> commit;
grant privileges:
> grant select on test.* to 'www-user2'@'localhost';
Start the apache web server and you can access the query.php via the
webserver like http://127.0.0.1/query.php
Now you can test on your own environment.
Good luck and don't forget to block every incoming connection to your whole
test environment, except localhost
Update: mysql_connect was removed in PHP 7.0.0, please use older version of PHP or refactor the scripts to use mysqli_* functions.
apache + mysql + php environment to solve this challenge. The checking
of the solutions is offline as well. I hate it, but can't do any
application which could check every solution properly. If anyone
has any idea for an online solution checker, let me know
If you have no apache + mysql + php environment, I suggest to use xampp on
Windows and Linux, and mamp on Mac. After downloading them you can setup a
working environment in minutes. But solving the challenge needs some more
time. Start mysql, open a command window, cd xampp/mysql/bin, run mysql.exe
with mysql -u root (-p if you have set already password)
Copy pastable SQL commands (please see comments below):
GeSHi`ed SQL code
1 2 3 4 56 7 8 9 1011 | CREATE USER 'www-user2'@'localhost' IDENTIFIED BY 'secure_password12'; CREATE DATABASE test; USE test; CREATE TABLE not_important_table (id INT, name VARCHAR(500)); INSERT INTO not_important_table VALUES(1,'test'); CREATE TABLE credit_card(id INT, cc_number BIGINT,cvv INTEGER); INSERT INTO credit_card VALUES(1,1111222233334444,321); INSERT INTO credit_card VALUES(2,1234567890123245,963); commit;GRANT SELECT ON test.* TO 'www-user2'@'localhost'; |
---------------------------------------------------------------------------
-
Comments:
First you have to setup an admin password for mysql, then login to it with
> mysql -u root -p
after that create a user with:
> create user 'www-user2'@'localhost' identified by 'secure_password12';
and create a database with
> create database test;
change database:
> use test;
create table:
> create table not_important_table (id int, name varchar(500));
and insert a row into it :
> insert into not_important_table values(1,'test');
create the credit card table and insert some data
> create table credit_card(id int, cc_number biginteger,cvv integer);
> insert into credit_card values(1,1111222233334444,321);
> insert into credit_card values(2,1234567890123245,963);
> commit;
grant privileges:
> grant select on test.* to 'www-user2'@'localhost';
Start the apache web server and you can access the query.php via the
webserver like http://127.0.0.1/query.php
Now you can test on your own environment.
Good luck and don't forget to block every incoming connection to your whole
test environment, except localhost
Update: mysql_connect was removed in PHP 7.0.0, please use older version of PHP or refactor the scripts to use mysqli_* functions.
Last edited by Z - May 27, 2018 - 13:17:05
Global Rank: 454
Totalscore: 54457
Posts: 18
Thanks: 11
UpVotes: 12
Registered: 12y 213d
Last Seen: 47d 19h
The User is Offline
RE: Challenge: Credit Card Challenge Pwned! Help Board
Apr 15, 2012 - 01:26:48 (12y 212d)
Apr 15, 2012 - 01:26:48 (12y 212d)
edit: Sorry was a bit overhasty there ;)
Last edited by SleepProgger - Apr 15, 2012 - 13:02:48
Global Rank: 318
Totalscore: 72371
Posts: 25
Thanks: 24
UpVotes: 17
Registered: 11y 37d
Last Seen: 2y 288d
The User is Offline
RE: Challenge: Credit Card Challenge Pwned! Help Board
Jan 25, 2014 - 13:52:09 (10y 291d)
Jan 25, 2014 - 13:52:09 (10y 291d)
I'm just starting to crack this problem, but it's not hints I want. I want to tell you my idea for testing solution in auto mode, no more manual checking. Well from time to time it's ok to have some manual maintenance .
My idea consists in using a headless web browser to check the solution. The idea is that the headless web browser can access the link that you would access by hand, run the attacker's payload and then close. If the payload was good then the attacker obtains the values he wants in it's logger. One more thing. The machine where the headless browser will run inside the intranet so it can access:
Here you can find more info about a headless web browser written in Python (PySide/PyQt, WebKit)
Usage example:
I never used Spynner, but I found it while I tryed to find info about Python and Webkit integration when I was considering writing a bare bone headless web browser by myself.
I hope it helps.
.My idea consists in using a headless web browser to check the solution. The idea is that the headless web browser can access the link that you would access by hand, run the attacker's payload and then close. If the payload was good then the attacker obtains the values he wants in it's logger. One more thing. The machine where the headless browser will run inside the intranet so it can access:
GeSHi`ed Plaintext code
1 | http://very-secure-intranet.local/query.php |
Here you can find more info about a headless web browser written in Python (PySide/PyQt, WebKit)
GeSHi`ed Plaintext code
1 | https://github.com/makinacorpus/spynner |
Usage example:
GeSHi`ed Plaintext code
1 | https://github.com/makinacorpus/spynner/blob/master/src/spynner/tests/spynner.rst |
I never used Spynner, but I found it while I tryed to find info about Python and Webkit integration when I was considering writing a bare bone headless web browser by myself.
I hope it helps.
Redknee, ckclark, tunelko, silenttrack, n0tHappy, nonfungiblesecurity, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, SwolloW, dangarbri have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 29447 times.
1 people are watching the thread at the moment.
This thread has been viewed 29447 times.