Posted: Thu Dec 29, 2011 9:42 pm
Page 2 of 2
Posted: Sun Apr 22, 2012 1:04 pm
I solved it with Firebug
Posted: Mon Jul 30, 2012 12:55 am
Oki, finaly I solve it !!!
But you have to explain me something. I've try a lot of things with wget. Before I didn't know this program.
I have try to download one.php but impossible. [ I think I don't have the permission.]
So after I have try to use php injection (I think because I don't know if it's that or not
) with file_get_contents(). So someone can explain me how to use this ?
I think I have to use this with wget --post-data no ?
So finally I have use analyse.info to find the solution.
I will be really greatfull if someone can help me because this challenge was really difficult for me because I don't really know php wget and injection.
Thank you !
edit: I have also try wget --server-response "http://www.hacker.org/challenge/misc/one.php" But I receive the content of two.php
But you have to explain me something. I've try a lot of things with wget. Before I didn't know this program.
I have try to download one.php but impossible. [ I think I don't have the permission.]
So after I have try to use php injection (I think because I don't know if it's that or not
) with file_get_contents(). So someone can explain me how to use this ?I think I have to use this with wget --post-data no ?
So finally I have use analyse.info to find the solution.
I will be really greatfull if someone can help me because this challenge was really difficult for me because I don't really know php wget and injection.
Thank you !
edit: I have also try wget --server-response "http://www.hacker.org/challenge/misc/one.php" But I receive the content of two.php
Posted: Thu Aug 02, 2012 1:51 pm
You don't have to know anything about PHP to solve this challenge.
Try to deal a little with the HTTP protocol and it's headers and status codes!
And if you found out, what status code 302 means, you know why you only see two.php in your browser and why one.php not even exists.
wget has options to deal with that challenge too (--max-redirect and -S) but especially for this challenge "telnet" is enough to solve.
Try to deal a little with the HTTP protocol and it's headers and status codes!
And if you found out, what status code 302 means, you know why you only see two.php in your browser and why one.php not even exists.
wget has options to deal with that challenge too (--max-redirect and -S) but especially for this challenge "telnet" is enough to solve.
Posted: Thu Aug 02, 2012 6:25 pm
Oki and tank you.
What I mean is: Is it possible to use file_get_content() and how ?
thanks
What I mean is: Is it possible to use file_get_content() and how ?
thanks
Posted: Thu Aug 02, 2012 11:46 pm
You obviously did not read the HTTP specification, did you? See http://www.w3.org/Protocols/rfc2616/rfc2616.html
You can not read something, which is not there! one.php does not exist!
So file_get_content probably would read nothing... or an empty string.
A HTTP request "consists" of headers and body (=contents). Guess what file_get_content reads and what it doesn't?
You need to use get_headers from inside PHP to get the necessary information (see pokus1's post).
You can not read something, which is not there! one.php does not exist!
So file_get_content probably would read nothing... or an empty string.
A HTTP request "consists" of headers and body (=contents). Guess what file_get_content reads and what it doesn't?
You need to use get_headers from inside PHP to get the necessary information (see pokus1's post).
Posted: Fri Aug 17, 2012 4:39 pm
Chrome and F12 is enough
Posted: Fri Aug 17, 2012 5:20 pm
Cool! I didn't know about that. It took me longer to find the tab with the header info than to solve the challenge with telnet , but anyway, it's a great feature.
, but anyway, it's a great feature.