HowStuffWorks.com Gets Owned

[Spartan Erik]

http://sentient.us.to/images/owned.jpg

Pretty humiliating if you ask me :naughty:

 

[Brandon]

LMFAO...WTF how did they get owned:thefinger

j/k nice find

 

[Livewire]

Huh. Guess they need to learn security.

And unless I'm mistaken doesn't howstuffworks have guides on security (http://computer.howstuffworks.com/security-channel.htm )? Insult to injury ^_^


Edit: Actually I think I can see how they basically faked it out - it's using radio buttons to identify what the selected answer is, and it's using post to retrieve it. But unless I'm wrong, POST can still be faked if someone knows what they're doing - what they need to do is actually check to make sure the answer submitted is a valid response XD

At least it wasn't anything vulgar/explicit that they submitted, right?

 

[Derek]

LOl nice!

 

[Cubeform]

Hmm. It appears to be some sort of SQL injection attack. Maybe the folks at Howstuffworks.com should post an article on it.

And right now, the ownage is still there. Go answer the survey on http://howstuffworks.com and see!

 

[Derek]

Lol its stil there...

 

[dest581]

Anyone want to advertise x10?

I hope the programmer learns how to properly make surveys. It shouldn't be as easy to hack as modifying HTML.

 

[Spartan Erik]

http://sentient.us.to/images/owned.jpg

Pretty humiliating if you ask me :naughty:

Wow, since that screenshot, many more people have hacked it.. some people even managed to put a vote for their own choice!

The people at HSW ought to get that fixed.. 10 bucks says it's going to happen to every new poll they make unless otherwise

 

[dest581]

Once you set up the modified page, voting is pretty simple. You just keep submitting. This is like basic HackThisSite levels

 

[Cubeform]

Oh my god. That is really insecure. You just have to modify ONE value and... it's really easy to hack. WOW. Suits them for having text as a value. None of that fancy injection stuff, you just have to use FireBug/Web Developer/Opera's Source editor! I put a value on there: "Is it this easy?" Yes. Yes it is.

Yeah, they need a better polling system.

 

[clareto]

But wait, It doesnt makes sense to me... does their code appends a new option to the survey when no match for the current vote is found? thats a pretty weird approach to adding options to a survey!!!. Can you imagine what a few of simple javascript can make to that site?? OMG!! they have SERIOUS design mistakes!

 

[dest581]

HTML is filtered out. There's a javascript attempt on there that failed.

I love the current winner. Some geek is loved.

 

[Livewire]

"The force is strong within you, I see. Stripping tags and protecting against the more advanced things. Too bad you guys go straight from a value field into displaying it. Havent you guys ever heard of"

Priceless and true. What good is blocking malicious things if you can't even make sure they're answering the survey properly XD

 

[dest581]

Couldn't it just be part of POST protection with mod_security, though?

Edit, looks like the first entry is DOSing the site now.

 

[Christopher]

I wonder how long it will take until they fix it. That should have noticed it by now.

 

[t2t2t]

I tried to "hack" todays poll, and i did it

 

[Christopher]

Awww
They are fixing the problem.

 

[Cubeform]

We're very sorry, but we have experienced a critical error and cannot show you the page you requested. Our engineers have been notified and are working hard to correct this issue as soon as possible.
Please check back soon.

But they're still doing raw text values for the poll. They've probably implemented some sort of switch statement to keep any bad values out.

 

[dest581]

Well, a person I know called them up to tell them. I'll say that's why it's down.

 

[Livewire]

Well, a person I know called them up to tell them. I'll say that's why it's down.

My bet is more than one person emailed/contacted them about it, or they'dve just shrugged it off as one users problem :S