By Pass Login

[spoofjack 40]

Is it possible to bypass the login through the interwebs?

 

 

Please login or register to see this link.

 

 

[spoofjack 40]

Well it is possible but they have updated security.

 

code from java auth emulation -
System.out.println("Handle Auth connection");
Map<String, Object> parameters = new HashMap();
InputStreamReader isr = new InputStreamReader(he.getRequestBody(), "utf-8");
BufferedReader br = new BufferedReader(isr);
String query = br.readLine();
Handlers.parseQuery(query, parameters);
if ((parameters.get("hwid ").toString().replace("%2B", "+") != null) && (parameters.get("hwid ").toString().replace("%2B", "+") != "")) {
Handlers.hwid = parameters.get("hwid ").toString().replace("%2B", "+") + "=";
}
String response = "{ \"error\" : false, \"expired\" : \"01/01/2020 00:00:00 AM\"}";
System.out.println("Handle Auth response : " + response);
he.sendResponseHeaders(200, response.length());
he.setAttribute("content-type", "application/json");
OutputStream os = he.getResponseBody();
os.write(response.toString().getBytes());
os.close();

Credits To poper21

 

Now to work on new bypass

[Todeskiwi 4]

I kinda think they rely on a more webserver based auth system. CloudFlare will filter out most of the common attacks needed for that task that way.

[SND 216]

On 28.10.2016 at 9:00 PM, spoofjack said:

Is it possible to bypass the login through the interwebs?

 

 

Please login or register to see this link.

 

 

so what is the question  ? Bypassing the login on that website ?