ecollege hacking
Download
Skip this Video
Download Presentation
ECollege Hacking

Loading in 2 Seconds...

play fullscreen
1 / 12

ECollege Hacking - PowerPoint PPT Presentation


  • 127 Views
  • Uploaded on

ECollege Hacking. Marcial White. Introduction. Client Side vs. Server Side Javascript POST vs. GET. Howto Retake tests. Using simple URL manipulation …. That’s pretty much it. Examine the source code Rebuild the URL with the pertinent variables Hit enter.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'ECollege Hacking' - serge


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
ecollege hacking

ECollege Hacking

Marcial White

introduction
Introduction
  • Client Side vs. Server Side
  • Javascript
  • POST vs. GET
howto retake tests
Howto Retake tests
  • Using simple URL manipulation

…. That’s pretty much it.

  • Examine the source code
  • Rebuild the URL with the pertinent variables
  • Hit enter
look for this chunk of javascript
Look for this chunk of Javascript
  • <!-- function BeginExam() { var url = \'\'; var url2 = \'\';

if (document.ExamPost.ExamPassword .value == "") { alert("Please enter a password.") return false; }

url2 = \'&ExamPassword=\' + document.ExamPost.ExamPassword. value;

url += \'/ec/exm2/StudentBeginExam.learn\';

url += \'?CourseID=2169391\';

//url += \'&BeginExam=1\';

url += \'&ExamPKID=1370799\';

url += \'&UnitNumber=10\';

url += \'&CoID=48\';

url += url2; top.Content.location = url; } //-->

spoofing your name in posts
Spoofing your name in posts …
  • Javascript is client side
  • Easily manipulable, if you have webspace to use …
  • Copy the source of the page
  • Change the hardcoded names
  • Comment out the verification function at the top
  • Upload
  • Run
  • Don’t forget: relative vs. absolute paths
the validation function
The Validation Function …

function validate(f) { if (submitted) { return false; } // if (f.message.value=="") { ttrack 13518 if (CRTrim(f.message.value)=="") { //ttrack 13518 alert(\'Please add text for this thread.\'); f.message.focus(); return false; } submitted = true; //11/21/00 bugtar 991 if (f.FILE.value!="") { document.StatusUser.submit(); } //11/21/00 end return true; }

the hardcoded name
The hardcoded name …
  • <tr class="tr-content-light"> <td class="td-content-dark" align="right"><strong>First Name :</strong></td> <td class="td-content-dark">Marcial<input type="hidden" name="firstname" value="Marcial"></td> </tr> <tr class="tr-content-light"> <td class="td-content-dark" align="right"><strong>Last Name :</strong></td> <td class="td-content-dark">White<input type="hidden" name="lastname" value="White"></td> </tr>
problems
Problems …
  • Password protected tests
  • Hum …. I guess that’s it.
disclaimer
Disclaimer …
  • White hat vs. Black hat
  • I do this so it will get fixed
  • Pretty cool eh?
  • Questions?
ad