Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Security Challenge II re-visited

  • 01-03-2012 8:37pm
    #1
    Closed Accounts Posts: 2,267 ✭✭✭ Andi Polite Grindstone


    For the people that missed it last year, here is your chance to try it yourself.

    For those that previous tried it, this is two little differences. 2nd part is gone, but that part confused people anyway. Also the first part has a little twist now for thoes that previously did it.
    You might need the assistance of a different part of the website/other challenge :-)

    http://damo.clanteam.com/sch2/


Comments

  • Closed Accounts Posts: 2,267 ✭✭✭ Andi Polite Grindstone


    I have linked the others at:

    http://damo.clanteam.com

    enjoy.


  • Registered Users Posts: 367 ✭✭900913


    That took me a while to realise what I was doing wrong.

    Very good challenge.
    Thanks


  • Registered Users Posts: 367 ✭✭900913




  • Closed Accounts Posts: 7,145 ✭✭✭DonkeyStyle \o/


    Good one :)
    Less awkward second half than last time... didn't have to look for my linux CD.

    Did a double entry there ("hmm"), wasn't expecting to submit that way.


  • Registered Users Posts: 1,931 ✭✭✭Zab


    These were enjoyable by the way. I'd try the missing ones if that ever becomes possible in the future.


  • Advertisement
  • Closed Accounts Posts: 2,267 ✭✭✭ Andi Polite Grindstone


    Im afraid the other ones are not really suitable for public web hosting.

    Neither is this challenge really, but the worst that will happen is people can only delete/modify my site, and not others on same hosting.


  • Closed Accounts Posts: 2,267 ✭✭✭ Andi Polite Grindstone


    Had to remove the image upload part, it was a bit dangerous.

    So I changed this one slightly. Those of you that already did this one, you can do it again as there is some things different.


  • Registered Users Posts: 367 ✭✭900913


    Completed :-)


  • Closed Accounts Posts: 2,267 ✭✭✭ Andi Polite Grindstone


    Nice one :-)


  • Registered Users Posts: 367 ✭✭900913


    With every challenge I learn something new :-)

    Thanks.....


  • Advertisement
  • Registered Users Posts: 1,691 ✭✭✭JimmyCrackCorn


    I was playing with the image upload one last night.

    Since it has been removed can i confirm it was php code embedded in an image that could be executed using .php.jpg


    your wifi one has me stumped though. But ill get it eventually.

    Thanks,
    Pat


  • Closed Accounts Posts: 2,267 ✭✭✭ Andi Polite Grindstone


    I was playing with the image upload one last night.

    Since it has been removed can i confirm it was php code embedded in an image that could be executed using .php.jpg


    your wifi one has me stumped though. But ill get it eventually.

    Thanks,
    Pat

    Yup, your correct, that was the idea for the challenge. But it left the rest of the site vulnerable to modification/deletion


  • Closed Accounts Posts: 2,267 ✭✭✭ Andi Polite Grindstone


    your wifi one has me stumped though. But ill get it eventually.

    Thanks,
    Pat
    Eircom Jimi Hendrix


  • Registered Users Posts: 1,691 ✭✭✭JimmyCrackCorn


    Still setting in in oz ill be back to normal and have a crack later in the week.


  • Closed Accounts Posts: 2,267 ✭✭✭ Andi Polite Grindstone




  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    That was fun :) Was looking completely in the wrong place!


  • Closed Accounts Posts: 2,267 ✭✭✭ Andi Polite Grindstone


    Good stuff. Well done.


  • Registered Users Posts: 326 ✭✭schrodinger


    Grrr, you're a crafty one Damo. Nice challenge.

    peann thanks for the hint!


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    No probs :) Good man!


  • Closed Accounts Posts: 3,981 ✭✭✭[-0-]


    That was fun! I didn't have apache configured for php on my host so I had to jump on to another box to figure it out. Cheers peann for the pointers!


  • Advertisement
  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    np bud - you didn't really need them anyways ;) good work!


  • Closed Accounts Posts: 2,267 ✭✭✭ Andi Polite Grindstone


    Nice one guys.


Advertisement