MecaniQ Posted March 11, 2012 Report Posted March 11, 2012 Hello all din nou!Am facut un mic challenge pentru voi toti!Fiecare are ocazia sa iti testeze scripturile,metodele,chiar si abilitatile sa zic asa Am dedicat siteul pentru RSTCenter,dar desigur vor fii si altii care vor incerca...Sunt interesat mai ales in privinta lui Ahead am vazut ca stie cate ceva...www.crack.trei.roDatii bataie cu ce vreti SQL Inject etc...Atata timp cat reusiti sa scoateti admin si pass,si de ce nu un DEMASK TOTAL!Siteul va sta online cel putin cateva luni ca fiecare sa aibe timp destul de testare.P.S.: Exista si un log cu incercari/reusite pentru a putea vedea ipul,metoda,data,ora dupa care voi face un Hall of Fame si Hall of Shame!Cheers! Quote
iBebe Posted March 11, 2012 Report Posted March 11, 2012 Vezi poate publici vreun ip.. Fa ceva sa isi pun numele omu dupa ce a rezolvat. Quote
SilviuSDS Posted March 12, 2012 Report Posted March 12, 2012 Am reusit sa scot o eroare mysql dar nu am atimp acuma ca trebe sa fug la scoala ca deja am lipsit de la primele 2 ore.Interesant challenge-ul, vreau sa-l rezolv cand ma intorc asa ca rog pe ceilalti sa nu posteze solutia, trimiteti-o pe PM. Quote
MecaniQ Posted March 12, 2012 Author Report Posted March 12, 2012 Eroare nu cred. Am verificat Logul azi dim,iar cat despre solutie,nimeni nici macar pe aproape nu a fost;)) Quote
SilviuSDS Posted March 12, 2012 Report Posted March 12, 2012 (edited) Eroare nu cred. Am verificat Logul azi dim,iar cat despre solutie,nimeni nici macar pe aproape nu a fost;))Nu am specificat daca eroarea este sau nu exploatabila, ci ca am reusit sa o provoc, acuma lasa-ma sa vad ce fac pe acolo, daca reusesc foarte bine, daca nu ma dau batut, asta e Edit: Presupun ca asta nu se pune Edited March 12, 2012 by SilviuSDS Quote
MecaniQ Posted March 12, 2012 Author Report Posted March 12, 2012 pai nu se pune,din moment ce nu ai scos user/pass...dar totusi ai reusit ceva;) de admirat bravo:D Quote
alinh0 Posted March 12, 2012 Report Posted March 12, 2012 Mie imi merge. Oricum vezi ca e un link pe "site" care duce la Povestea de succes a Ramonei - Cum am scapat de riduri .Poate intelege cineva gresit. Quote
SilviuSDS Posted March 12, 2012 Report Posted March 12, 2012 Doar la mine e crapat site-ul??? A facut niste schimbari, a mutat challenge-ul intr-un folder. Acuma merge perfect.Mie imi merge. Oricum vezi ca e un link pe "site" care duce la Povestea de succes a Ramonei - Cum am scapat de riduri .Poate intelege cineva gresit.Site-ul este hostat pe Xhost si este site gratuit, iar cei de la Xhost baga o mica publicitate acolo, nu are legatura cu challenge-ul. Quote
MecaniQ Posted March 14, 2012 Author Report Posted March 14, 2012 Exact:) site-ul merge perfect,am avut un mic bug la sql de aceea a parut chestia aia.Acum puteti sai dati bataie,nu va faceti griji,nimeni nu va da in judecata sau chestii de genul(am rezolvat eu).SO GO ON! Un shell ceva? Quote
MecaniQ Posted March 21, 2012 Author Report Posted March 21, 2012 [1337 zone][17.03.2012|21:03:20] WRONG! Login request with user:[ admin ] and password:[ fecb55ad8bb6fd8dc281219b4e144f16 ] | IP Address: [ xxx ]-------------------------------- [1337 zone][17.03.2012|21:03:20] WRONG! Login request with user:[ ..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini ] and password:[ d41d8cd98f00b204e9800998ecf8427e ] | IP Address: [ xxx ]-------------------------------- [1337 zone][17.03.2012|21:03:20] WRONG! Login request with user:[ ?\0xa7 ] and password:[ d41d8cd98f00b204e9800998ecf8427e ] | IP Address: [ xxx ]-------------------------------- [1337 zone][17.03.2012|21:03:21] WRONG! Login request with user:[ ] and password:[ f8366d90bf4bb0f51d5cb7c491c1b97e ] | IP Address: [ xxx ]-------------------------------- [1337 zone][17.03.2012|21:03:21] WRONG! Login request with user:[ admin ] and password:[ c4ca4238a0b923820dcc509a6f75849b ] | IP Address: [ xxx ]-------------------------------- [1337 zone][17.03.2012|21:03:21] WRONG! Login request with user:[ ] and password:[ f92c0a47aea289a87677cb3673379d64 ] | IP Address: [ xxx ]-------------------------------- [1337 zone][17.03.2012|21:03:21] WRONG! Login request with user:[ paginadepagina.php\0 ] and password:[ d41d8cd98f00b204e9800998ecf8427e ] | IP Address: [ xxx ]-------------------------------- [1337 zone][17.03.2012|21:03:21] WRONG! Login request with user:[ /.\\\\./.\\\\./.\\\\./.\\\\./.\\\\./.\\\\./windows/win.ini ] and password:[ d41d8cd98f00b204e9800998ecf8427e ] | IP Address: [ xxx ]-------------------------------- [1337 zone][17.03.2012|21:03:21] WRONG! Login request with user:[ 1\" ] and password:[ d41d8cd98f00b204e9800998ecf8427e ] | IP Address: [ xxx ]-------------------------------- [1337 zone][17.03.2012|21:03:21] WRONG! Login request with user:[ admin ] and password:[ 96e79218965eb72c92a549dd5a330112 ] | IP Address: [ xxx ]-------------------------------- [1337 zone][17.03.2012|21:03:21] WRONG! Login request with user:[ ] and password:[ f827f198e111e71cd04f722d54a31ac7 ] | IP Address: [ xxx ]-------------------------------- [1337 zone][17.03.2012|21:03:22] WRONG! Login request with user:[ paginadepagina.php/. ] and password:[ d41d8cd98f00b204e9800998ecf8427e ] | IP Address: [ xxx ]-------------------------------- [1337 zone][17.03.2012|21:03:22] WRONG! Login request with user:[ \'\" ] and password:[ d41d8cd98f00b204e9800998ecf8427e ] | IP Address: [ xxx ]-------------------------------- [1337 zone][17.03.2012|21:03:22] WRONG! Login request with user:[ admin ] and password:[ 202cb962ac59075b964b07152d234b70 ] | IP Address: [ xxx ]-------------------------------- O da..in felul asta sigur sunteti "hackeri" adevarati! Quote
iBebe Posted March 21, 2012 Report Posted March 21, 2012 Chiar nimeni, da un hint ca noi suntem prea idioti. Quote
SilviuSDS Posted March 21, 2012 Report Posted March 21, 2012 Eu mai mult decat am facut nu reusesc sa fac. Nu am reusit sa scot nimic din db. Quote
MecaniQ Posted April 11, 2012 Author Report Posted April 11, 2012 Hai dai pace...site removed... e exagerat 1 luna si nimeni nimic...Fratilor daca vreti sa invatati ceva cu adevarat,va astept pe WeChall,ma gasiti sub nickul hacker_dizzy...pana atunci... .. .... ..... Quote