hacker.org Forum Index
RegisterSearchFAQMemberlistUsergroupsLog in
Secure Room
Goto page Previous  1, 2
 
Reply to topic    hacker.org Forum Index » Challenges View previous topic
View next topic
Secure Room
Author Message
dj-boris



Joined: 23 Dec 2010
Posts: 3

Post Reply with quote
Jackpot, after trying and trying, I got it Smile , it needs just the right number of '
Thank you very much!

_________________
BlackShadow is watching you
Fri Dec 31, 2010 3:13 pm View user's profile Send private message
bspus



Joined: 04 Sep 2011
Posts: 9

Post Reply with quote
gfoot wrote:
As the challenge description says, you have to log in as 'adum' in order to see his secrets.


I logged in as adum (and as someone else) and still get the no secrets treatment. I even got it to work with the user name field having just the word adum in it so that it will show properly on the next page.

I'm actually surprised this wasn't enough, not because it was hard but because I think I have done what I was required to do. What am I missing?
Sat Oct 01, 2011 7:00 pm View user's profile Send private message
DaymItzJack



Joined: 29 Oct 2009
Posts: 106

Post Reply with quote
bspus wrote:
gfoot wrote:
As the challenge description says, you have to log in as 'adum' in order to see his secrets.


I logged in as adum (and as someone else) and still get the no secrets treatment. I even got it to work with the user name field having just the word adum in it so that it will show properly on the next page.

I'm actually surprised this wasn't enough, not because it was hard but because I think I have done what I was required to do. What am I missing?
I think the answer to this challenge is the password, not positive though, I solved it awhile ago.
Sat Oct 01, 2011 7:49 pm View user's profile Send private message
bspus



Joined: 04 Sep 2011
Posts: 9

Post Reply with quote
DaymItzJack wrote:
I think the answer to this challenge is the password, not positive though, I solved it awhile ago.


Even if I got the password, I would expect to log in and see the same "you have no secrets" message.
Considering that the challenge tells you not to try to "guess the password" as well as the fact that it asks you to break into his account and discover his "secret", it would be very misleading.
Sat Oct 01, 2011 8:40 pm View user's profile Send private message
DaymItzJack



Joined: 29 Oct 2009
Posts: 106

Post Reply with quote
bspus wrote:
DaymItzJack wrote:
I think the answer to this challenge is the password, not positive though, I solved it awhile ago.


Even if I got the password, I would expect to log in and see the same "you have no secrets" message.
Considering that the challenge tells you not to try to "guess the password" as well as the fact that it asks you to break into his account and discover his "secret", it would be very misleading.
I managed to log into adums account and the secret was right in front of me. I don't know exactly what you're doing but there aren't any tricks or anything.
Sun Oct 02, 2011 7:36 pm View user's profile Send private message
bspus



Joined: 04 Sep 2011
Posts: 9

Post Reply with quote
I got in too by trying something slightly different. The thing is, it should have worked with my first method.
I believe the reason is that this is not a real vulnerability but just an exercise. The "exploit" is expected so it's all just make believe.
I 'll make a post in the solved section at some point to discuss it further.

edit: nevermind. My other method works now too. I wonder if something is changed
Tue Oct 04, 2011 3:53 pm View user's profile Send private message
Nquit



Joined: 15 Jul 2011
Posts: 5

Post Reply with quote
Aparently i must be stupid about Injections.. I can't get it to work.. and it's pissing me off.. Any who can help a nub?
Wed Nov 07, 2012 8:18 pm View user's profile Send private message
Nquit



Joined: 15 Jul 2011
Posts: 5

Post Reply with quote
I finally made it.. QUite easy now that i see how it's done
Thu Nov 15, 2012 2:06 pm View user's profile Send private message
Valar_Dragon



Joined: 04 Jan 2015
Posts: 21

Post Reply with quote
This is a great challenge! Once you figure it out it makes complete sense!
Mon Jan 12, 2015 11:03 pm View user's profile Send private message
Display posts from previous:    
Reply to topic    hacker.org Forum Index » Challenges All times are GMT
Goto page Previous  1, 2
Page 2 of 2

 
Jump to: 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group
Design by Freestyle XL / Flowers Online.