pyth0n3 Posted December 14, 2011 Report Share Posted December 14, 2011 (edited) Pe saptamana viitoare pregatesc un challenge care include(Aprox. incepand de Luni 19/12/2011 anunt aici in cazul in care vor fi alte modificari in legatura cu data) SQL injection , XSS, (Demonstratie Reverse Remote Shell folosind ca baza SQL Injection fara a scrie nici macar o linie de cod in PHP) , Full Remote Server Control.Care vrea sa participe sa isi lase nickname-ul aici va primi PM cu linkNote: Challenge-ul nu va avea nici un fel de protectie Firewal, IDS, sau WAF Va rula intrun Webserver Apache ,PHP 5.2.10 Cu parametru de injectie liber , sintaxe de injectie standard nimic extra , NO Blind InjectionObiective (Provizoriu)1.Identificati tipul de database ,2.Extrageti datele3.Injectati cod pentru a crea un XSS alert cu nickname-ul vostru4.Introduteti un shell in sistem5.Obtineti access la server demonstrand un reverse shell (Un shell care se conecteaza de la serverul victima catre serverul vostru, Incepeti deja sa va creati un listener local si sa va faceti port forwarding unde este nevoie)Care a folosit metasploit stie cum functioneaza un reverse shell Serverul il creati pe pc-ul vostru si obligati un shell sa faca o conexiune de la serverul victima catre voi. Daca aveti intrebari sunteti liberi sa le faceti dar la subiect.Premiu final:Usb Fingerprint readerFeatures:* USB Fingerprint reader* Up to 10 sets fingerprint enrollment* Multi-Factor Authentication* Advanced Password Management* AIAC: Advanced image auto-calibration technology* Secure and Powerful Computer ProtectionDaca cineva ia premiul de la challenge-ul care este in prezent , pun altcevaOricum premiul consta intrun obiect/dispozitiv hardwareUn salut la toti! Edited December 14, 2011 by pyth0n3 2 1 Link to comment Share on other sites More sharing options...
BogdanNBV Posted December 14, 2011 Report Share Posted December 14, 2011 vreau Link to comment Share on other sites More sharing options...
unbeliever Posted December 14, 2011 Report Share Posted December 14, 2011 Care e premiul ? Link to comment Share on other sites More sharing options...
totti93 Posted December 14, 2011 Report Share Posted December 14, 2011 Interesant. As incerca si eu! Astept PM cu link-ul Link to comment Share on other sites More sharing options...
pr00f Posted December 14, 2011 Report Share Posted December 14, 2011 Am timp, plus c? „încercarea moarte n-are”. M?car mai înv?? ?i eu câte ceva. Link to comment Share on other sites More sharing options...
JohnyCNAM Posted December 14, 2011 Report Share Posted December 14, 2011 Nu am inteles nimic dar totusi vreau. Link to comment Share on other sites More sharing options...
Moderators Dragos Posted December 14, 2011 Moderators Report Share Posted December 14, 2011 Nu am inteles nimic dar totusi vreau.FailON: Trimite-mi si mie un pm. Link to comment Share on other sites More sharing options...
bcman Posted December 14, 2011 Report Share Posted December 14, 2011 Ma bag si eu. Link to comment Share on other sites More sharing options...
denjacker Posted December 14, 2011 Report Share Posted December 14, 2011 (edited) Note: Challenge-ul nu va avea nici un fel de protectie Firewal, IDS, sau WAF Va rula intrun Webserver Apache ,PHP 5.2.10 Cu parametru de injectie liber , sintaxe de injectie standard nimic extra , NO Blind InjectionNu lasa sintaxa standard, baga cat de cat un heavy query... and no waf ?! you're killing all the funCount me in.. Edited December 14, 2011 by denjacker Link to comment Share on other sites More sharing options...
BGS Posted December 14, 2011 Report Share Posted December 14, 2011 i'll give it a try Link to comment Share on other sites More sharing options...
Slyfer Posted December 14, 2011 Report Share Posted December 14, 2011 PM si la mine. Link to comment Share on other sites More sharing options...
black01 Posted December 14, 2011 Report Share Posted December 14, 2011 @ pyth0n3si mai interesant ar fi de facut un video, sau macar un tutorial de cel (sau altcineva) - care castiga.....asta ar fi un mare castig si pentru restul oamenilor de pe acest forum.mersi / doar o sugestie - have a nice night. Link to comment Share on other sites More sharing options...
qbert Posted December 14, 2011 Report Share Posted December 14, 2011 Count me in. Link to comment Share on other sites More sharing options...
nekhbet Posted December 15, 2011 Report Share Posted December 15, 2011 PM si mie Link to comment Share on other sites More sharing options...
flux Posted December 15, 2011 Report Share Posted December 15, 2011 si eu vreau Link to comment Share on other sites More sharing options...
Weedy92 Posted December 15, 2011 Report Share Posted December 15, 2011 Astept Pm ! Link to comment Share on other sites More sharing options...
Kabron Posted December 15, 2011 Report Share Posted December 15, 2011 PM here Link to comment Share on other sites More sharing options...
bin Posted December 15, 2011 Report Share Posted December 15, 2011 Si eu vreau,PM Link to comment Share on other sites More sharing options...
SticKyWoX Posted December 15, 2011 Report Share Posted December 15, 2011 O sa incerc si eu,desi nu sunt prea bun.PM.Nu strica sa incerc.Castig experienta. Link to comment Share on other sites More sharing options...
stoicescualecs Posted December 15, 2011 Report Share Posted December 15, 2011 Get me in....shortu masii Link to comment Share on other sites More sharing options...
sado Posted December 15, 2011 Report Share Posted December 15, 2011 me too. Link to comment Share on other sites More sharing options...
poq Posted December 15, 2011 Report Share Posted December 15, 2011 Eu. Link to comment Share on other sites More sharing options...
HJOCONCEPT95 Posted December 18, 2011 Report Share Posted December 18, 2011 Si eu vreau:)) Link to comment Share on other sites More sharing options...
Wav3 Posted December 18, 2011 Report Share Posted December 18, 2011 PM me too Link to comment Share on other sites More sharing options...
co4ie Posted December 18, 2011 Report Share Posted December 18, 2011 Pm te rog ... chiar ar fi foarte interesant challenge-ul ... Link to comment Share on other sites More sharing options...
