Some advice needed here.I assume I need to steal a cookie for this mission via the mail section.Am I on the right path. Anyone have any good links to help me solve this one? Thanks.

Is it really possible to pass this challenge? Because when i try to spoof that header then it just does not work...websever will redirect me.

Well Hello,
i tried everything i could. Even setup a local http server to check the headers and the function. I still cant get a mail. Hope someone can get me on the right track if i missed something.

Hello,

Can someone help me? I think I am on the right track, by modifying the headers, but I cannot seem to ever get an e-mail response. I even tried to fill the form normally to try to get an e-mail and I couldn't. Is the e-mail server down by any chance? Thanks

Can you guys help me I tried to redirect the site so that host changes but i could not get the email. Am I missing something here ...

Hi,

Below is the information I gained by working on the challege:

Your goal is to exploit the contact form of the challege which was abused in the past to send mail to email addresses other than the one specified in the to field of the contact form i.e. admin[at]host. (maybe it will reveal the password on the same contact page)

There is a php file named "mail_src[dot]php" and if I'm not wrong, it is the same file being used in the contact form which reveals the details of the contact form and it's working. The only posible way I can think of is to exploit the HOST header which is being used by the contact form to send mail to. Thus, to send mail to our provided mail address, we are required to exploit $to = admin[at]host where we are able to manipulate host from our end. Please correct me if I'm wrong.

Manipulating HOST will redirect the whole page to our provided domain so that won't work either.

What I want to know now is the next step, If you can provide any hint to the next step apart from the one provided in the latest response, it will be really appreciated. Also, I don't mean to provide any kind of spoilers to anyone new here. If you find this to be doing so, you can remove the post or ask me to do so.

Kayla Graves:
What makes you so sure?:

Of air are protected by Moyki from moisture influence that provides them long service life.

Country: Great Britain; Producer: China; Area of moistening, m:; Volume of the tank, l:; Colicestvo of operating modes: ultrasonic evaporation; Raschod of water, млч:; Power consumption, W:; Gabarity VKHSHKHG, cm: хх; Ves, kg:; Garantiyagod Gabarity (VKHSHKHG смххВес, kgstrana Great Britain the Food Producer China, Moscinost's VV, Vtploshchad of cleaning, мПлощадь moistening, мГигрометр Net Ghigrostat Da Col-vo of the modes rabotyoby a tank, l of Dantex of D-HUFO will become an irreplaceable your house accessory at all seasons of the year. Conditioners and heating constantly dry air indoors, however thanks to this humidifier, you without effort will be able to maintain optimum level of humidity. Country: Great Britain; Producer: China; Area of moistening, m:; Volume of the tank, l:; Colicestvo of operating modes: ultrasonic humidifier of Dantex d-h45un evaporation; Raschod of water, млч:; Power consumption, W:; Gabarity VKHSHKHG, cm: хх; Ves, kg:; Country: Great Britain; Producer: China; Area, m:; Volume of a tank, l:; Col-vo of operating modes:; Raschod of water, млч:; Moscinost, W:; Gabarity VKHSHKHG, cm: ххВес, kg:; Guarantee: year; Country: Great Britain; Producer: China; Area, m:; Volume of a tank, l:; Col-vo of operating modes:; Raschod of water, млч:; Moscinost, W:; Gabarity VKHSHKHG, cm: хх; Ves, kg:; Guarantee: year; Country: Great Britain; Producer: China; Area of moistening, m:; Volume of the tank, l:; Raschod of water, млч:; Ghigrostat: Is; Power consumption, W:; Gabarity VKHSHKHG, cm: xx; Ves, kg:; Guarantee: year; Country: Great Britain; Producer: China; The Area on moistening, m:; Tank volume for water, l:; Raschod of water, млч:; Sound pressure level, dBA:; Rated power consumption, W:; Gabarity VKHSHKHG, cm: xx; Ves, kg:; Gar.

Monica Andrade:
What gave you that idea?:

Delivery across Moscow (within MKAD) rubles. Delivery across the Moscow region (or Moscow outside MKAD) is carried out on tarifurubly for kilometer from MKAD. The possibility of shipment at own expense from our warehouse is available to some types of goods. Delivery across Russia is carried out by transport companies (TNT, Baikal service, Business Lines, Zheldorekspedition, PEK, Russian Post and тд.). You can make payment for goods the next ways: By bank transfer, with the indication of the order number in the payment basis. The commission of bank is paid by the buyer; Non-cash payment, on the basis of the invoice. Shipment is made after prepayment %. All necessary documents the confirming facts of purchase of goods and the warranty card are provided together with goods.

Calorex DHAX-LPHW dehumidifiers for prevention of emergence of condensate in pools, also provides to emergence of a fungus and mold automatic support of the established microclimate in pools. Floor air dryers for pools of calorex air dryers are intended for use in small pools and have productivity – removal of kondensatalitr in day at temperature°s and relative humidity of %.

Samantha Ayala:
The question now is ...?:
Color Standard color of fan heaters HELIOS gray RAL. HLRAL and HLRAL are delivered any RAL color at the choice of the customer. HELIOS HLRAL and HLRAL of white RAL color are most popular. The fixing arms which are included in the delivery package are painted in the same color, as a fan heater. A design Unilateral horizontal blinds with adjustable plates for the direction of air the Highly effective mednoalyuminiyevy water heat exchanger with the established vozdukhootvodchik and a drain valve the Airintaking nozzle the Axial fan with wide aluminum blades and with a protective screen the Unit housing from the galvanized sheet steel painted by enamel Tip the Mass Sizes A B C D E G without water [kg] Weight with water [kg] of HL HL Types of installation are intended for wall and ceiling installation. For fast installation of a fan heater in a set mounting brackets are delivered. Characteristic HL/Hlteplotekhnicheskiye Water an input and output the [C] Air temperature on an entrance of the [C] HL an air consumption [m?/С‡] HL air consumption [m?/С‡] Moshchnost of heating [kw] Air temperature at the exit the [C] Consumption of water [m/h] Pressure loss of water [kPa] of Moshchnost of heating [kw] Air temperature at the exit the [C] Consumption of water [m/h] Pressure loss of water [kPa]/,//,/,/, At water temperature above With is necessary installation of the valve which turns off giving of the heat carrier in case of a fan stop.

They – are more powerful and more economic than electrical heating units, but more largely and need timely supply of fuel and regular gas station in process of its development. Diesel and gas volcano heat guns guns and also electric heaters with an open heating element burn oxygen. Therefore during their work in rooms it is necessary to organize high-quality ventilation – removal of exhaust gases and continuous inflow of fresh air.

Miles Manning:
Why worry him?:
Manufacturing country: Russia Power (kW): Airproductivity (m/h): Tip: wall Gabarita (mm): hkhmassa (kg): / Degree of protection: IPTok (A): Noise level (dB): Frequency (Hz): Height (m) manufacturing Country: Russia Power (kW): Airproductivity (m/h): / Tip: floor \suspended Gabarita (mm): hkhmass (kg): Degree of protection: IPTok (A): Noise level (dB): Frequency (Hz):. Manufacturing country: Russia Vozdukhoproizvoditelnost (m/h)://Power (kW): Tip: wall Gabarita (mm): hkhmassa (kg):/Tension (C): Height (m): Current (A): Noise level (dB):. will perfectly block a way to the cold air arriving from small technological openings, such as cash windows, standard doorways in inhabited and office rooms. Power (kW/hp):/Width processings (mm): Depth of processing (mm): Tip of the engine: petrol Engine displacement (cm: Volume of the fuel tank (l): Speed of rotation of the screw (rpm): Country-make. Manufacturing country: People's Republic of China Power (kW/hp):/Engine displacement (cm: Engine speed (rpm): Width of a cut (mm):/Capacity fuel tank (l): Diameter of a fishing line (mm): The cutting font: Gabarita (mm): hkhmassa (kg): Power (kW)://Tension (C): Manufacturing country: Italy.

The device is intended for creation of the powerful wide directed stream of warm/room temperature of air for the purpose of the organization of the effective air barrier interfering penetration into the heated/cooled room of cold/warm air from the outside and divisions of zones with various temperature. Units are used in supermarkets, shops, trade pavilions, warehouses, on productions and in other rooms with often opening or badly warmed windows/doors. The directed air flow creates an invisible effective barrier thanks to which air from the external environment does not get in the room, and internal air masses are not left by the building. Even in the presence of a draft or open doors and windows vertical air thermal veils reduce loss of heat to % that allows to pay back the device price in the shortest possible time. The TZT series is made from quality strong steel with a polymeric covering, steady against external influences, as well as the TZS series. All products of this modification have two degrees of power and an operating mode without heating, are equipped with protection against overheating. Models differ: m/h productivity); power of kW); speed of the given m/s stream); maximum temperature of heating C); height of installation of m); dimensions. As a heating element of thermal veils of Neoclima orebrenny TEN of high performance is used. Depending on the brand power supply is carried out from network/V. Some models are equipped with the portable switch. In Rustekhniks shop the wide range of goods of a brand of Neoclima is presented. The certified products from the original producer with a warranty service life are offered buyers. On the website consumers can buy thermal veils of Neoclima with delivery by the courier in Moscow, Nizhny Novgorod, Oryol, SPb, transport companies to other settlements of the country.