Sunday, June 14, 2020

Hacker101 CTF: Micro-CMS v1 Part 3

Now moving on to the next challenge.


Here we have something to click on :D. First what I did was clicked on all


I created a page called Just for Fun. If you look at the URL and the id, you will see 13. When another page was created, the id was 14. The id for Markdown Test is 2. So, where are the other pages with ids 3-12? Let's check them in turn.

404 Not Found Error


For all the other ids a 404 error was seen, except for one.
This means that there is something behind this id; it's just not available to us. We are not authorized to view this page, and there is no direct mechanism to access it either. Let's find a workaround then. If you notice, for every page there is an option to edit the page. When we edit any page, we can see the identifier of the page we are trying to edit in the URL. For example, for the Testing page it is http://35.190.155.168/64fcf8db67/page/edit/1

I will now change this 1 to 7 to see how the page behaves: http://35.190.155.168/64fcf8db67/page/edit/7

Voila! There is a flag. This is an example of unauthorized access: the view route refuses the page, but the edit route, reached by changing a predictable id in the URL, does not apply the same check.
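To make the gap concrete, here is an added Python example (not the Micro-CMS code from the challenge) that models two routes over the same page store and a defender-side check that finds ids one route serves while the other refuses. The page table, the `public` flag and the handler names are assumptions modelled on the walkthrough.

```python
# Added example, not the Hacker101 Micro-CMS source. Models the observed
# behaviour: /page/<id> returns 404 for a hidden page while /page/edit/<id>
# only checks that the page exists, then shows how to close the gap and
# how to test every route pair for the same policy.
from dataclasses import dataclass


@dataclass
class Page:
    id: int
    title: str
    body: str
    public: bool  # False models the page that gives 404 on the view route


# Constructed sample store (assumption): ids 2, 7 and 13 exist, 7 is hidden.
PAGES = {
    2: Page(2, "Markdown Test", "markdown body", True),
    7: Page(7, "hidden", "secret page body (constructed)", False),
    13: Page(13, "Just for Fun", "hello", True),
}


class NotFound(Exception):
    pass


def view_page(page_id):
    """/page/<id>: non-public pages are hidden behind a 404."""
    page = PAGES.get(page_id)
    if page is None or not page.public:
        raise NotFound(page_id)
    return page.body


def edit_page_vulnerable(page_id):
    """/page/edit/<id> as observed: existence check only, no visibility rule."""
    page = PAGES.get(page_id)
    if page is None:
        raise NotFound(page_id)
    return page.body


def edit_page_fixed(page_id):
    """Hardened edit route: reuse exactly the same access rule as the view."""
    return view_page(page_id)


def _allowed(handler, page_id):
    try:
        handler(page_id)
        return True
    except NotFound:
        return False


def policy_gaps(edit_handler, id_range=range(1, 15)):
    """Ids that the edit route serves but the view route refuses."""
    return [i for i in id_range
            if not _allowed(view_page, i) and _allowed(edit_handler, i)]
```

Running `policy_gaps` over every pair of routes that touch the same object is a cheap regression test for this class of authorization bug.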

