hacker.org Forum Index
RegisterSearchFAQMemberlistUsergroupsLog in
Secure Room
Goto page 1, 2  Next
 
Reply to topic    hacker.org Forum Index » Challenges View previous topic
View next topic
Secure Room
Author Message
Allosentient



Joined: 10 Apr 2008
Posts: 273

Post Secure Room Reply with quote
I am trying to do secure room. I was able to "login", but got "you have no secrets" which didn't work. If anyone can give me a hint as to if there is a specific approach I am missing, that would be really generous.
Sat Nov 22, 2008 6:18 pm View user's profile Send private message
gfoot



Joined: 05 Sep 2007
Posts: 269
Location: Brighton, UK

Post Reply with quote
As the challenge description says, you have to log in as 'adum' in order to see his secrets.
Sat Nov 22, 2008 7:48 pm View user's profile Send private message
Allosentient



Joined: 10 Apr 2008
Posts: 273

Post Reply with quote
I just got it, it helps to actually look up the language being used Smile, and the hint helped too, thanks!
Sat Nov 22, 2008 8:06 pm View user's profile Send private message
m!nus



Joined: 28 Jul 2007
Posts: 202
Location: Germany

Post Reply with quote
absolutely not worth difficulty 50, solved it in like half a minute, since my skills in that language/on that topic are a bit rusty


edit: ok, fort knox resists my skills, apparently they're too low
Tue Nov 25, 2008 2:52 pm View user's profile Send private message
gfoot



Joined: 05 Sep 2007
Posts: 269
Location: Brighton, UK

Post Reply with quote
How do you find out the difficulty ratings?
Tue Nov 25, 2008 6:14 pm View user's profile Send private message
theStack



Joined: 02 Nov 2008
Posts: 72

Post Reply with quote
That was a nice one.
I have never approached that type of attack before so it took my quite a while, but it was fun.
Tue Nov 25, 2008 6:34 pm View user's profile Send private message
m!nus



Joined: 28 Jul 2007
Posts: 202
Location: Germany

Post Reply with quote
gfoot wrote:
How do you find out the difficulty ratings?

I wrote this hacker.org challenge overview some time ago. Doesn't work atm but I will get the error fixed asap.
Tue Nov 25, 2008 6:40 pm View user's profile Send private message
gfoot



Joined: 05 Sep 2007
Posts: 269
Location: Brighton, UK

Post Reply with quote
I don't really want to put my password into a third party site I'm afraid - is there some query I can run on hacker.org directly?
Tue Nov 25, 2008 7:13 pm View user's profile Send private message
m!nus



Joined: 28 Jul 2007
Posts: 202
Location: Germany

Post Reply with quote
oh, sorry for not answering.
I get the data the same way the flash map gets it: as XML file http://www.hacker.org/challenge/map/get.php
Thu Dec 04, 2008 8:00 pm View user's profile Send private message
coolwhoop10



Joined: 27 Apr 2010
Posts: 1

Post Reply with quote
yeah, i'm pretty stumped. as far as i've seen, the source code is not much help, but i could be pretty off. any pointers for a noob?
Sun May 30, 2010 3:03 am View user's profile Send private message
laz0r



Joined: 04 Feb 2010
Posts: 290
Location: Within the depths of Unix

Post Reply with quote
There are standard ways to circumvent login screens. Have you Googled that?

_________________
There is no spoon.
Sun May 30, 2010 8:06 am View user's profile Send private message
dj-boris



Joined: 23 Dec 2010
Posts: 3

Post No Idea Reply with quote
I'm trying to solve the Secure Room. I've tried to inject code, but it doesn't work. The sourcecode isn't helpful, and Login with SSH or FTP as Anonymous doesn't work. Can anybody give me a hint?

DJ Boris

_________________
BlackShadow is watching you
Thu Dec 30, 2010 5:51 pm View user's profile Send private message
MyNameIsAlreadyTaken



Joined: 17 Oct 2010
Posts: 31
Location: Germany

Post Reply with quote
Quote:
I've tried to inject code, but it doesn't work.


What code did you try to inject? This challenge isn't really complicated, you don't need any kind of software but your browser.
Fri Dec 31, 2010 10:19 am View user's profile Send private message
dj-boris



Joined: 23 Dec 2010
Posts: 3

Post Reply with quote
I've tried to inject php codes like (With and without <?php ?>)
Code:

phpinfo();
echo "Hello World";


But it doesn't work, then I tried to Inject SQL Commands in "Password" like...
Code:

;SHOW tables

And it also doesn't work Crying or Very sad
Is my code a big fail or am I stupid??

Thank you, for your fast reply

_________________
BlackShadow is watching you
Fri Dec 31, 2010 1:08 pm View user's profile Send private message
rmplpmpl



Joined: 26 Oct 2008
Posts: 113
Location: Germany

Post Reply with quote
dj-boris wrote:
I've tried to inject php codes like (With and without <?php ?>)
Code:

phpinfo();
echo "Hello World";


But it doesn't work, then I tried to Inject SQL Commands in "Password" like...
Code:

;SHOW tables

And it also doesn't work Crying or Very sad
Is my code a big fail or am I stupid??

Thank you, for your fast reply


You are pretty close, injection is a good way to hack this, perhaps you like to google some standard techniques on this?
Fri Dec 31, 2010 2:55 pm View user's profile Send private message
Display posts from previous:    
Reply to topic    hacker.org Forum Index » Challenges All times are GMT
Goto page 1, 2  Next
Page 1 of 2

 
Jump to: 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group
Design by Freestyle XL / Flowers Online.