Thread subject: Security Override :: Basic 4 help

Posted by hancoma on 06/10/2011 14:52:37
#1

Downloaded local copy of the challenge. Edited the action with I believe the correct url, and modified the user name. When I double click the saved/modified .html it simply comes up in browser pointing to my local drive.
What am I doing wrong that it is not executing?
I have reviewed http://www.w3schools.com/tags/tag_form.asp as some help, but still no success.
Can anyone assist?
Thanks.

Posted by hancoma on 06/10/2011 15:17:11
#2

Nevermind. I had the solution the whole time! I was expecting the page to look the same!!!! Had I scrolled down…which I finally did.

Posted by promitheas on 11/09/2012 16:22:17
#3

hancoma wrote:
Downloaded local copy of the challenge. Edited the action with I believe the correct url, and modified the user name. When I double click the saved/modified .html it simply comes up in browser pointing to my local drive.
What am I doing wrong that it is not executing?
I have reviewed http://www.w3schools.com/tags/tag_form.asp as some help, but still no success.
Can anyone assist?
Thanks.

Could you please hint me on how to "Download a local copy"? I know that I know how to do it, it's just that I can't think of the way.

Posted by promitheas on 11/09/2012 17:09:44
#4

After trying various methods unsuccesfully, I tried editing the value of Guest to Admin, but then it takes me to a new page that says:
"You have the right idea, although this challenge's focus is to make sure you know how to edit and execute from local scripts.
Please try again."
What should I do? What does the reply that I got mean? I don't know what to do.

Posted by Null Set on 11/11/2012 08:15:07
#5

promitheas wrote:
After trying various methods unsuccesfully, I tried editing the value of Guest to Admin, but then it takes me to a new page that says:
"You have the right idea, although this challenge's focus is to make sure you know how to edit and execute from local scripts.
Please try again."
What should I do? What does the reply that I got mean? I don't know what to do.


You have to edit it locally. I'm assuming you know what that means? That's all there is to it. Just make sure the form submits to the right location still.

Posted by promitheas on 11/12/2012 16:06:03
#6

Null Set wrote:
promitheas wrote:
After trying various methods unsuccesfully, I tried editing the value of Guest to Admin, but then it takes me to a new page that says:
"You have the right idea, although this challenge's focus is to make sure you know how to edit and execute from local scripts.
Please try again."
What should I do? What does the reply that I got mean? I don't know what to do.


You have to edit it locally. I'm assuming you know what that means? That's all there is to it. Just make sure the form submits to the right location still.

I don't know what that is but I'll google it. Thanks Null Set!

Posted by Teddy on 11/12/2012 17:50:10
#7

There are other Threads where you can show and if I rem right it was answered there & there should be another way. I cannot remembber it now but I am pretty sure I did not edit it localy...Localy like download HTML-> Edit HTML-> Submit...???

Posted by promitheas on 11/15/2012 12:19:42
#8

promitheas wrote:
Null Set wrote:
promitheas wrote:
After trying various methods unsuccesfully, I tried editing the value of Guest to Admin, but then it takes me to a new page that says:
"You have the right idea, although this challenge's focus is to make sure you know how to edit and execute from local scripts.
Please try again."
What should I do? What does the reply that I got mean? I don't know what to do.


You have to edit it locally. I'm assuming you know what that means? That's all there is to it. Just make sure the form submits to the right location still.

I don't know what that is but I'll google it. Thanks Null Set!


Sorry. I couldn't find a good explanation anywhere. Would you be so kind as to define editing a script locally for me or redirecting me to a place that will define it for me?

Posted by Null Set on 11/15/2012 12:30:53
#9

promitheas wrote:
promitheas wrote:
Null Set wrote:
promitheas wrote:
After trying various methods unsuccesfully, I tried editing the value of Guest to Admin, but then it takes me to a new page that says:
"You have the right idea, although this challenge's focus is to make sure you know how to edit and execute from local scripts.
Please try again."
What should I do? What does the reply that I got mean? I don't know what to do.


You have to edit it locally. I'm assuming you know what that means? That's all there is to it. Just make sure the form submits to the right location still.

I don't know what that is but I'll google it. Thanks Null Set!


Sorry. I couldn't find a good explanation anywhere. Would you be so kind as to define editing a script locally for me or redirecting me to a place that will define it for me?


Editing - to change something
Script - a piece of code, usually it's what you want to edit
Local - a domain defined as being either closest in terms of proximity or by access.

Simply put, you have to change a piece of code at that place that's closest to you in terms of access. If you still don't get it by now, you may want to send me a PM. If you do, please detail in everything you've tried first.

Posted by promitheas on 01/28/2013 20:29:37
#10

Hi again,
I just came back to try to finally beat this challenge, and I Inspected an Element with Firebug on the drop down of the users. I added an option for Admin, and then i saw a piece of code which was under <div id="b4challengelogin">. It was called CSRF_TOKEN Could someone just tell me whether that small piece of code has any significance? Oh, and, I tried downloading a copy of the site. Didn't work.
Thanks in advance. I really am eager to solve this challenge.

Posted by Tommy on 01/29/2013 07:48:28
#11

promitheas wrote:
Hi again,
I just came back to try to finally beat this challenge, and I Inspected an Element with Firebug on the drop down of the users. I added an option for Admin, and then i saw a piece of code which was under <div id="b4challengelogin">. It was called CSRF_TOKEN Could someone just tell me whether that small piece of code has any significance? Oh, and, I tried downloading a copy of the site. Didn't work.
Thanks in advance. I really am eager to solve this challenge.

I didn't have to edit more than 1 thing locally.
Also as for the CSRF_TOKEN, no that has no significance.

Posted by N u r V on 03/31/2013 22:11:57
#12

Tommy wrote:
promitheas wrote:
Hi again,
I just came back to try to finally beat this challenge, and I Inspected an Element with Firebug on the drop down of the users. I added an option for Admin, and then i saw a piece of code which was under <div id="b4challengelogin">. It was called CSRF_TOKEN Could someone just tell me whether that small piece of code has any significance? Oh, and, I tried downloading a copy of the site. Didn't work.
Thanks in advance. I really am eager to solve this challenge.

I didn't have to edit more than 1 thing locally.
Also as for the CSRF_TOKEN, no that has no significance.


i used a firefox add on saved a copy of the site edited the fields. Still didnt work.
ill come back to it.

Posted by N u r V on 03/31/2013 22:22:44
#13

Nevermind I got it.

My Goodness the answer is always right in front you. You just skip the minor details that really helps.

Posted by chaitanya on 04/25/2013 13:05:16
#14

what is the answer for basic 4.. i tried changing to Admin.. what has to be done further?

Posted by Asch on 04/25/2013 18:01:08
#15

Null Set wrote:
promitheas wrote:
After trying various methods unsuccesfully, I tried editing the value of Guest to Admin, but then it takes me to a new page that says:
"You have the right idea, although this challenge's focus is to make sure you know how to edit and execute from local scripts.
Please try again."
What should I do? What does the reply that I got mean? I don't know what to do.


You have to edit it locally. I'm assuming you know what that means? That's all there is to it. Just make sure the form submits to the right location still.


Response already given ..

Posted by chaitanya on 04/26/2013 01:36:47
#16

Yippee cleared level 4

Other way to get through is deleting the cookie where the password is save which is not allowing to login...

Posted by thesweetdevilguy on 08/17/2013 16:13:59
#17

wow i tried the tamper data changed the admin .. but gives me a message "You have the right idea, although this challenge's focus is to make sure you know how to edit and execute from local scripts.
Please try again."

i have downloaded a copy using scrap book ..

now i am stuck ..

Posted by thesweetdevilguy on 08/17/2013 16:26:34
#18

contd...

I could find the guest and i have changed the code
"

<div class="main-border">
<div class="main-caption"><table cellpadding="0" cellspacing="0" width="100%">
<tbody><tr><td class="otblock-L"></td><td class="otblock-C"><center>Basic Level 4</center></td><td class="otblock-R"></td></tr></tbody></table><table cellpadding="0" cellspacing="0" width="100%">
<tbody><tr><td class="headerotblock">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td></tr></tbody></table></div>
<div class="main-body">
<br><center><h2><span style="color: white;">- [</span> <span class="challtitle">Basic Level 4</span> <span style="color: white;">] -</span></h2></center><br><hr><br><div id="scoreboardB">
<table>
<tbody><tr>
<td class="tbl11">
<center>
<center><p>WARNING UNAUTHORIZED ACCESS IS PROHIBITED</p></center><center>Please login as Admin. Your password has been saved.</center><div id="basic4"><p>Username:</p><form action="http://securityoverride.org/challenges/basic/4/" method="post"><input value="<?php echo $_SESSION['CSRF_TOKEN'];?>" name="CSRF_TOKEN" type="hidden"></form>
<select class="b4txtarea1" name="uname"><option value="Admin">Guest</option><option value="Anonymous">Anonymous</option><option value="thesweetdevilguy">thesweetdevilguy</option></select><p>Password:</p><p>**********</p><div id="challengelogin"><input value="" type="submit">

</div></div></center><table class="challtable">

</table>
</td>
</tr>
</tbody></table>
<br></div></div>
<table cellpadding="0" cellspacing="0" width="100%">
<tbody><tr><td class="footerctblock">&nbsp;</td></tr></tbody></table><table cellpadding="0" cellspacing="0" width="100%">
<tbody><tr><td class="ctblock-L"></td><td class="ctblock-C">&nbsp;</td><td class="ctblock-R"></td></tr></tbody></table></div>







<div class="side-border">
<div class="side-caption"><table cellpadding="0" cellspacing="0" width="100%">
<tbody><tr><td class="osblock-L"></td><td class="osblock-C">&nbsp;&nbsp;&nbsp;&nbsp;Related Ads</td><td class="osblock-R"></td></tr></tbody></table></div>
<div class="side-body floatfix">
<div id="addsfooter" style="margin-left: auto; margin-right: auto; width: 468px;">
<iframe style="border: 0px none; width: 468px; height: 60px;" src="index_1.html" scrolling="no"></iframe>
<!--<iframe src="http://bitcoinadvertisers.com/a.php?p=15VcwARnVQ4GAcKtoa4fLxAUS9pFhsWsaG&a=4&bg=000000&link=3366FF&text=414141" scrolling="no" style="width:468px;height:60px;border:1px solid #f2f2f2;"></iframe>-->
</div>
</div>
</div>
<table cellpadding="0" cellspacing="0" width="100%">
<tbody><tr><td class="csblock-L"></td><td class="csblock-C">&nbsp;</td><td class="csblock-R"></td></tr></tbody></table>
<br></div></div>
</div>
<div class="clear"></div>
<div id="footer">
<div class="warningmsg" style="width: 100%;">
<br><br><img src="footertxt.png" usemap="#footermap" alt="">
<map name="footermap"><area shape="rect" coords="360,8,580,20" href="http://securityoverride.org/print.php?type=T" alt="Terms"></map></div>
<div class="clear"><br></div>
<div class="flleft" style="width: auto;">Render time: 0.30 seconds</div>
<div class="flright" style="text-align: right; width: auto;"><!--counter-->10,845,602 unique visits</div>
<div class="clear"></div>
</div></div>





</body>
</html>
"

after i refresh the local index.html..

it does not change..

any ideas please

Posted by YozoraRei on 10/18/2013 12:03:00
#19

hey guys... i tried using scrapbook but i can't login.... even i changed value from guest to admin... so what local script mean is?

Posted by seamaner on 10/24/2013 23:23:27
#20

I have passed basic4, but i am confused. why r*f*r* ??

Posted by C4C1337 on 10/30/2013 15:09:54
#21

I have no idea how to execute locally. Yes, I know how to change the value to admin. However, opening the html file in my browser means that all the directories pointing to places on securityoverride are now pointing to nonexistent places on my disk.

Posted by SMB on 11/02/2013 00:29:22
#22

Not exactly, do a little more research on this. Chances are you're really close and might need to go a step further or adjust some small detail.

Posted by growwor on 03/07/2014 03:47:32
#23

Anybody tell me what's local script mean... ??? please
I had read everything, but nothing told about local script.

Posted by DrAntarctica on 03/28/2014 15:00:15
#24

Ok, I've saved the page in my computer, I've changed the values to "Admin" and I've changed the action="" to action="original page" but when I open it in the browser, everything is the same and the submit button is invisible and nothing happens when I click it.

thanks for the attention,
Dr. Antarctica

Posted by 123123 on 04/26/2014 04:51:48
#25

help me

Posted by 123123 on 04/26/2014 04:57:32
#26

Who can help me&#65311;thanks
You have the right idea, although this challenge's focus is to make sure you know how to edit and execute from local scripts.