Author |
Message |
Allosentient
Joined: 10 Apr 2008 Posts: 273
|
|
Secure Room |
|
I am trying to do secure room. I was able to "login", but got "you have no secrets" which didn't work. If anyone can give me a hint as to if there is a specific approach I am missing, that would be really generous.
|
|
Sat Nov 22, 2008 6:18 pm |
|
 |
gfoot
Joined: 05 Sep 2007 Posts: 269 Location: Brighton, UK |
|
|
|
As the challenge description says, you have to log in as 'adum' in order to see his secrets.
|
|
Sat Nov 22, 2008 7:48 pm |
|
 |
Allosentient
Joined: 10 Apr 2008 Posts: 273
|
|
|
|
I just got it, it helps to actually look up the language being used , and the hint helped too, thanks!
|
|
Sat Nov 22, 2008 8:06 pm |
|
 |
m!nus

Joined: 28 Jul 2007 Posts: 202 Location: Germany |
|
|
|
absolutely not worth difficulty 50, solved it in like half a minute, since my skills in that language/on that topic are a bit rusty
edit: ok, fort knox resists my skills, apparently they're too low
|
|
Tue Nov 25, 2008 2:52 pm |
|
 |
gfoot
Joined: 05 Sep 2007 Posts: 269 Location: Brighton, UK |
|
|
|
How do you find out the difficulty ratings?
|
|
Tue Nov 25, 2008 6:14 pm |
|
 |
theStack
Joined: 02 Nov 2008 Posts: 72
|
|
|
|
That was a nice one.
I have never approached that type of attack before so it took my quite a while, but it was fun.
|
|
Tue Nov 25, 2008 6:34 pm |
|
 |
m!nus

Joined: 28 Jul 2007 Posts: 202 Location: Germany |
|
|
|
 |
 |
How do you find out the difficulty ratings? |
I wrote this hacker.org challenge overview some time ago. Doesn't work atm but I will get the error fixed asap.
|
|
Tue Nov 25, 2008 6:40 pm |
|
 |
gfoot
Joined: 05 Sep 2007 Posts: 269 Location: Brighton, UK |
|
|
|
I don't really want to put my password into a third party site I'm afraid - is there some query I can run on hacker.org directly?
|
|
Tue Nov 25, 2008 7:13 pm |
|
 |
m!nus

Joined: 28 Jul 2007 Posts: 202 Location: Germany |
|
|
Thu Dec 04, 2008 8:00 pm |
|
 |
coolwhoop10
Joined: 27 Apr 2010 Posts: 1
|
|
|
|
yeah, i'm pretty stumped. as far as i've seen, the source code is not much help, but i could be pretty off. any pointers for a noob?
|
|
Sun May 30, 2010 3:03 am |
|
 |
laz0r

Joined: 04 Feb 2010 Posts: 290 Location: Within the depths of Unix |
|
|
|
There are standard ways to circumvent login screens. Have you Googled that?
_________________ There is no spoon. |
|
Sun May 30, 2010 8:06 am |
|
 |
dj-boris

Joined: 23 Dec 2010 Posts: 3
|
|
No Idea |
|
I'm trying to solve the Secure Room. I've tried to inject code, but it doesn't work. The sourcecode isn't helpful, and Login with SSH or FTP as Anonymous doesn't work. Can anybody give me a hint?
DJ Boris
_________________ BlackShadow is watching you |
|
Thu Dec 30, 2010 5:51 pm |
|
 |
MyNameIsAlreadyTaken

Joined: 17 Oct 2010 Posts: 31 Location: Germany |
|
|
|
 |
 |
I've tried to inject code, but it doesn't work. |
What code did you try to inject? This challenge isn't really complicated, you don't need any kind of software but your browser.
|
|
Fri Dec 31, 2010 10:19 am |
|
 |
dj-boris

Joined: 23 Dec 2010 Posts: 3
|
|
|
|
I've tried to inject php codes like (With and without <?php ?>)
 |
 |
phpinfo();
echo "Hello World";
|
But it doesn't work, then I tried to Inject SQL Commands in "Password" like...
 |
 |
;SHOW tables
|
And it also doesn't work
Is my code a big fail or am I stupid??
Thank you, for your fast reply
_________________ BlackShadow is watching you |
|
Fri Dec 31, 2010 1:08 pm |
|
 |
rmplpmpl
Joined: 26 Oct 2008 Posts: 113 Location: Germany |
|
|
|
 |
 |
I've tried to inject php codes like (With and without <?php ?>)
 |
 |
phpinfo();
echo "Hello World";
|
But it doesn't work, then I tried to Inject SQL Commands in "Password" like...
 |
 |
;SHOW tables
|
And it also doesn't work
Is my code a big fail or am I stupid??
Thank you, for your fast reply |
You are pretty close, injection is a good way to hack this, perhaps you like to google some standard techniques on this?
|
|
Fri Dec 31, 2010 2:55 pm |
|
 |
|