Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Security Challenge 1 re-visited.

  • 01-02-2012 11:33pm
    #1
    Closed Accounts Posts: 2,267 ✭✭✭


    Decided to put this back up for people who missed it. If your stuck, you can look through the old threads. The old threads also contain a solution if your really stuck. Passwords and stuff have been changed since.


    The other challenges aren't suitable to host on free hosting.

    http://damo.clanteam.com/sch1


Comments

  • Registered Users Posts: 367 ✭✭900913


    I enjoyed that. I could spend hours on end messing with these types of vulnerabilities.

    Thanks :-)


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Unless I had something cached, there was no challenge to complete - Just a hall of fame page without authentication? Unless it's saved from the last time I did it? Confused..


  • Registered Users, Registered Users 2 Posts: 416 ✭✭gouche


    I had the same issue as dlofnep - clicked admin button and it allowed me to put name on Hall of Fame.

    Feel free to delete my name as I didn't actually complete the challenge:P


  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    Oops, accidentally ran some "fixer" on the free hosting last night which modified some important files I had hosted. Its fixed now though.


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Cool done. I noticed you implemented extra security on other areas of the system this time ;)


  • Advertisement
  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    dlofnep wrote: »
    Cool done. I noticed you implemented extra security on other areas of the system this time ;)

    heheh not me, that comes as part of the free web-hosting :-)


  • Registered Users Posts: 367 ✭✭900913


    Are you going to re-visit any more of the older challenges?

    I think these challenges are great for learning, I've learned lots of new stuff the fun way :-)


  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    I'm afraid the other challenges aren't really suitable to host on free webspace.


  • Closed Accounts Posts: 7,145 ✭✭✭DonkeyStyle \o/


    Thanks. Very educational. And a bit scary, which is always a good sign.
    Had JTR running for about 90 mins on 4 cores, then tried the 'all' wordlist and got it in a split second (facepalm)


  • Registered Users, Registered Users 2 Posts: 1,691 ✭✭✭JimmyCrackCorn


    I have it


    Nice one btw. Enjoyed that allot.
    Need to get wordlists off machine i packed away.


  • Advertisement
  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    I think the bigger one that comes with John the Ripper should be fine.


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    People must remember, it's just a game - so Damo will never make you jump through hoops for one very small thing such as the above.


  • Registered Users, Registered Users 2 Posts: 1,691 ✭✭✭JimmyCrackCorn


    Thanks damo complete.

    Id love to do a few more of these. Thanks for going to the effort of making it.


  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    Thanks damo complete.

    Id love to do a few more of these. Thanks for going to the effort of making it.

    Feel free to try:
    http://damo.clanteam.com/sch6
    http://damo.clanteam.com/sch7


  • Registered Users, Registered Users 2 Posts: 1,691 ✭✭✭JimmyCrackCorn


    Thanks Damo.

    That's sch6 complete. Spent a while trying to get the syntax right.


  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q




  • Closed Accounts Posts: 3,981 ✭✭✭[-0-]


    Got this one as well. Cheers again Damo.


  • Banned (with Prison Access) Posts: 13,018 ✭✭✭✭jank


    Bumping this as not sure if the same weakness is there?


  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    Right idea, but wrong file. You cannot transverse outside my webroot.


  • Banned (with Prison Access) Posts: 13,018 ✭✭✭✭jank


    Thanks, got it after lots of cheating. Onto the second one now.


  • Advertisement
Advertisement