Jump to content

Hacking Challenges


RedAlert
 Share

Recommended Posts

http://www.dievo.org

 

This site offers a bunch of really interesting challenges, from cryptography, to PHP manipulation. I right now am on Apprentice: Level 5. Try it out and tell me what you think. Has anyone else already tried it?

 

Go to the site, click on challenges>wargames>hook. Hook is the first challenge.

Link to comment
Share on other sites

  • Replies 157
  • Created
  • Last Reply

Top Posters In This Topic

do you need to become a member to do the challenges?

 

Nope.

 

Level 10 already on Apprentice! How long have you been working on it?

 

I am stuck on level 5 too....I hear you have to use PHP to manipulate it or something......

Link to comment
Share on other sites

The first level of Neophyte is tricky. There's two things you've gotta do to at the same time, I can do them both on their own but can't seem to combine them!

 

(deliberately vague to avoid spoilers)

Link to comment
Share on other sites

I am stuck on level 5 too....I hear you have to use PHP to manipulate it or something......
You use code injection. PHP itself doesn't ahve any sort of exploit, but you can use SQL. Most sites usign SQL nowadays use PHP to check for bullshit, but your average amature web designer might have the exploit.

 

This is a realyl good article:

http://www.securiteam.com/securityreviews/5DP0N1P76E.html

 

One of the levels at hackthissite.org simply required '='' or '...

 

Obviously ''(nothing) == '' so the condition is passed. To search for a passwordfile you can try something like:

Union All Select null, pass, from pass, try exporting it to a file, or just execute shit by putting something like:

'; whatever.

 

You need to play around w/ it because you dont know exactly what the script looks like from the inside. Normally changing to double quotes or adding some parentheses will fix any errors.

Link to comment
Share on other sites

What's behind it all :P

 

They're no fun if it's spoiled!

 

Btw, web browsers wont matter much on it. You'd be just as well using Lynx (I think that's what it is)

 

Quikc question: Do the levels actual get to "hacking?" The first two (I'm not past 2) are pretty fun but I'm not goign to all of them if they're like that.

Link to comment
Share on other sites

Can ANYONE tell me how to start playing this game? The Challenge text is not a link so can't click it. So how do I start playing??????

 

Use Firefox, I am sure you are using IE. It doesn't work on IE for me too.

Link to comment
Share on other sites

What's behind it all :P

 

They're no fun if it's spoiled!

 

Btw' date=' web browsers wont matter much on it. You'd be just as well using Lynx (I think that's what it is)

 

Quikc question: Do the levels actual get to "hacking?" The first two (I'm not past 2) are pretty fun but I'm not goign to all of them if they're like that.[/quote']

 

The more advanced challenges are hacking. Hook gets you hooked. Apprentice and onwards introduce you to hacking.

 

If this is the god' date=' sex, password dropdown level there is no need to consider mySQL.

 

(referring to post #19)[/quote']

 

I think I know what I have to do to pass level 5, but I am getting the syntax wrong I am quite sure....this is what I am doing Mossoi, check it out:

 

[HIDE]www.dievo.org:82/apprentice/level5aaa/indexaa.php?$god==eagle[/HIDE]

 

Tell me what I am doing wrong...just give me hints of course.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.