Skip to content
  • Register
    • Advertisement
    If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
    Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

    Security Challenge III (Hacking Challenge)

    • 25-04-2011 05:15PM
      #1
      h57xiucj2z946q
      Closed Accounts Posts: 2,267
      ✭✭✭


      Its that time again. The third challenge is here. Try get on the hall of fame.

      Its a little bit more difficult than the last challenge, so if people are finding it too difficult, I will start dropping hints around the server. As before, there is two parts to this challenge. First part is fairly trivial, 2nd part may catch people out!

      Please read the rules on the main page before you continue.

      Enjoy..

      http://damo.dyndns.info/

      You can also join irc.2600.net #2600ie


    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In
    Register
    «13

    Comments

    • #2
      dlofnep
      Closed Accounts Posts: 20,759 dlofnep
      ✭✭✭✭


      Woohoo :D Will give it a shot. Thanks for setting it up.


    • #3
      Pygmalion
      Closed Accounts Posts: 5,082 Pygmalion
      ✭✭✭


      I don't think this is a spoiler at all, but just in case...
      Spoiler
      Is brute-forcing required here or is there something clever going on with the passwords?


    • #4
      h57xiucj2z946q
      Closed Accounts Posts: 2,267 h57xiucj2z946q
      ✭✭✭


      Pygmalion wrote: »
      I don't think this is a spoiler at all, but just in case...
      Spoiler
      Is brute-forcing required here or is there something clever going on with the passwords?

      Hey..
      Spoiler
      No brute forcing or guess work is required. Instead try figure out how im checking the passwords your submitting


    • #5
      Pygmalion
      Closed Accounts Posts: 5,082 Pygmalion
      ✭✭✭


      Hayden Puny Stationery wrote: »
      Hey..
      Spoiler
      No brute forcing or guess work is required. Instead try figure out how im checking the passwords your submitting

      Ah, in that case I'm stuck, I'll keep playing around with what I have and a python shell to see if I can find any meaning in what I've managed to get so far for a password :P.


    • #6
      dlofnep
      Closed Accounts Posts: 20,759 dlofnep
      ✭✭✭✭


      I think we're on the same stage :)


    • Advertisement
    • #7
      h57xiucj2z946q
      Closed Accounts Posts: 2,267 h57xiucj2z946q
      ✭✭✭


      Without giving anything away, think 900913 is a little bit further, but maybe stuck at that point. May have to drop hints soon hehe.


    • #8
      dlofnep
      Closed Accounts Posts: 20,759 dlofnep
      ✭✭✭✭


      Progress :D


    • #9
      syklops
      Closed Accounts Posts: 18,966 syklops
      ✭✭✭✭


      dlofnep wrote: »
      Progress :D

      Dont be saying stuff like that. Less chance of hints then ;)


    • #10
      Pygmalion
      Closed Accounts Posts: 5,082 Pygmalion
      ✭✭✭


      syklops wrote: »
      Dont be saying stuff like that. Less chance of hints then ;)

      My thoughts exactly :D


    • #11
      dlofnep
      Closed Accounts Posts: 20,759 dlofnep
      ✭✭✭✭


      Spoiler
      Think about what page is validating, and how one might view that page to see what it's doing.


    • Advertisement
    • #12
      Pygmalion
      Closed Accounts Posts: 5,082 Pygmalion
      ✭✭✭


      Ah I see what I have to do now, looks tricky, but I assume once I "get" it it won't be too infeasible.


    • #13
      c0ne
      Closed Accounts Posts: 4 c0ne


      Hi there,

      I got the login credentials... any hints on the pwd format?

      Greets,
      c0ne


    • #14
      dlofnep
      Closed Accounts Posts: 20,759 dlofnep
      ✭✭✭✭


      Don't bother trying to crack it :) That's the only tip I can give you. You'll need unconventional methods to figure it out.


    • #15
      Pygmalion
      Closed Accounts Posts: 5,082 Pygmalion
      ✭✭✭


      Any ideas/hints for getting a valid password? Is it a dictionary word or something?
      Spoiler
      I see what's going on on the server-side, but I don't see how I'm supposed to use that, and google isn't helping much, I've run through a fairly large dictionary list doing essentially what the login-check.php seems to be doing but that gives no results either
      .


    • #16
      h57xiucj2z946q
      Closed Accounts Posts: 2,267 h57xiucj2z946q
      ✭✭✭


      Spoiler
      The crypt is not reversible, in the sense that the same algorithm reversed won't give original input.

      But its not a one way hash either. So what does this leave?

      Google up on the functions that im using. See what they're used in.


      No brute forcing is necessary. When you figure out what it is, it shouldn't require more than 5 minutes of CPU power.

      This is a very good hint.


    • #17
      h57xiucj2z946q
      Closed Accounts Posts: 2,267 h57xiucj2z946q
      ✭✭✭


      Those of you running
      Spoiler
      SQL
      scanners, most of them have been blocked so they won't give you any results. This is to not only to make you do the work yourself, but to prevent hammering the server. If your having trouble, post here for help.


    • #18
      Pygmalion
      Closed Accounts Posts: 5,082 Pygmalion
      ✭✭✭


      Hayden Puny Stationery wrote: »
      Spoiler
      The crypt is not reversible, in the sense that the same algorithm reversed won't give original input.

      But its not a one way hash either. So what does this leave?

      Google up on the functions that im using. See what they're used in.


      No brute forcing is necessary. When you figure out what it is, it shouldn't require more than 5 minutes of CPU power.

      This is a very good hint.

      I see what's being done to the password entered, and what it needs to match... But I don't really see any feasible way to get a working password from it.

      Can I PM you to see if I'm at least going in the right direction?


    • #19
      h57xiucj2z946q
      Closed Accounts Posts: 2,267 h57xiucj2z946q
      ✭✭✭


      You can yeah.


    • #20
      Pygmalion
      Closed Accounts Posts: 5,082 Pygmalion
      ✭✭✭


      Hayden Puny Stationery wrote: »
      You can yeah.

      Done, am I thinking about it the right way?


    • #21
      h57xiucj2z946q
      Closed Accounts Posts: 2,267 h57xiucj2z946q
      ✭✭✭


      Pygmalion wrote: »
      Done, am I thinking about it the right way?


      Pretty much yeah, well done. Sent you on some guidance.


    • Advertisement
    • #22
      Pygmalion
      Closed Accounts Posts: 5,082 Pygmalion
      ✭✭✭


      Done :P


    • #23
      h57xiucj2z946q
      Closed Accounts Posts: 2,267 h57xiucj2z946q
      ✭✭✭


      Wooo! Well Done. Send me a PM of your approach. I will also send you on some details that you may find interesting.

      Also what did you think of the challenge?


    • #24
      Pygmalion
      Closed Accounts Posts: 5,082 Pygmalion
      ✭✭✭


      Hayden Puny Stationery wrote: »
      Also what did you think of the challenge?

      Pretty good, started off as a straight-forward enough
      Spoiler
      SQL injection one, got the usernames and "passwords"
      ok, but then a couple of really nice twists after that, and
      Spoiler
      how the passwords were actually dealt with was pretty awesome, actually makes you think, as opposed to the usual things, where they're either kept in plaintext, XORed against a constant in the source or you just need to throw them into some password brute-forcer and wait without really getting what the hell's going on
      .


    • #25
      c0ne
      Closed Accounts Posts: 4 c0ne


      Almost there... :)


    • #26
      h57xiucj2z946q
      Closed Accounts Posts: 2,267 h57xiucj2z946q
      ✭✭✭


      c0ne wrote: »
      Almost there... :)

      c0ne 2011-04-26 10:55:37

      Well done!


    • #27
      c0ne
      Closed Accounts Posts: 4 c0ne


      Spoiler
      i could have done it faster, if i didnt mistyped some MySQL function last night..

      Thanks damo2k, i noticed your post of cracking4newbies last night.
      Cool 'hackme' you made


    • #28
      h57xiucj2z946q
      Closed Accounts Posts: 2,267 h57xiucj2z946q
      ✭✭✭


      Sweet, its had been a while since I was on #cracking4newbies @ EFNet.


    • #29
      h57xiucj2z946q
      Closed Accounts Posts: 2,267 h57xiucj2z946q
      ✭✭✭


      Are people stuck? Do you's need more hints?


    • #30
      900913
      Registered Users, Registered Users 2 Posts: 367 900913
      ✭✭


      Yes, I'm still stuck.

      It's a great challenge but the last part turns my brain to mush.


    • Advertisement
    • #31
      h57xiucj2z946q
      Closed Accounts Posts: 2,267 h57xiucj2z946q
      ✭✭✭


      Those of you stuck on the password stuff, look back at the furtherest point you got. I dropped a big hint.

      For the others stuck, send me a PM.


    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In
    Register
    Advertisement