Government Security
Network Security Resources

Jump to content

Photo

Simple & Fun Challenges To Solve

- - - - - sql hash backdoor
  • Please log in to reply
34 replies to this topic

#16 gagsec

gagsec

    Private

  • Members
  • 11 posts

Posted 05 November 2007 - 06:28 PM

The first warmup challs ware quite funny and i enjoyed them.

Good job gagsec.



Thanx! But don't stop now, zer0 can tell you - the after-warmup levels are funnier :)
Zer0: Unless you explicitly hate PHP, level13 turned out to be very sweet. I think you (and others too, hopefully) will like it. 15 is the maximum for now.

#17 gagsec

gagsec

    Private

  • Members
  • 11 posts

Posted 07 November 2007 - 01:05 PM

A list of all the challenges:

hax.tor.hu/peek/ - all challenges

(there are more than 20)

#18 polpotx

polpotx

    Private First Class

  • Sergeant Major
  • 73 posts

Posted 08 November 2007 - 02:26 PM

Seams to me that o got baned whyle trying to solve the nasa level, after six minutes of playing... wich is kinda .. weird for this type of game. I don't like it anymore... :)

#19 gagsec

gagsec

    Private

  • Members
  • 11 posts

Posted 12 November 2007 - 12:25 PM

Seams to me that o got baned whyle trying to solve the nasa level, after six minutes of playing... wich is kinda .. weird for this type of game. I don't like it anymore... :)


I've been looking at logs so the most anyone was ever banned was a couple of minutes.
And BTW, it only bans on the first level, and only with a 0.05 probability, and only if
you feed it the wrong URL (and you are warned of this). Come on, don't make the server
grab stupid nasa.gov url's for no apparent reason :) Though even if you do, i'm unbanning
you I just don't want somebody making hundreds of nasa.gov requests using the haxgame
while I'm sleeping etc.
As for the game, it looks like the challenge is getting real - there are now a dozen users,
two of them above level 10, and many who have the potential of getting there.

The current toplist is:

Top 10 : 1. liteonish (16) 2. zer0 (15) 3. jamrun9 (6) 4. packetdump (4) 5. waraxe (4) 6. Sapient200 (2) 7. Corbin (2) 8. SuRGeoN (2) 9. nights (2) 10. reset (2)


ps: instead of getting banned by feeding obviosuly wrong url's you could have searched
google for 'search site:nasa.gov' pushing 'i feel lucky today' or something, and there
you go.

#20 ephi

ephi

    Private

  • Members
  • 17 posts

Posted 15 November 2007 - 05:17 AM

If you like wargame websites:

HackThisSite (as said above)
HackQuest
Bright-shadows
SmashTheStack
RootThisBox
OverTheWire (ex-PullThePlug)
Net-Force
Mod-X + Disavowed
HackIts (still alive ?)

There are two famous wargame-based video game
UpLink and Hacker-Evolution

And numerous of distros you all know, containing challenges..

Have fun.

#21 GroovyDude

GroovyDude

    Sergeant First Class

  • Sergeant Major
  • 597 posts

Posted 19 November 2007 - 06:05 AM

I got past the warmup exercises, but I'm totally stuck on the nasa.gov item. I'm not even quite sure I understand what the ultimate goal is for that one.

#22 gagsec

gagsec

    Private

  • Members
  • 11 posts

Posted 09 December 2007 - 05:47 AM

Update: hax.tor.hu now offers a nice unrestricted shell account to every user on a linux debian.

#23 ephi

ephi

    Private

  • Members
  • 17 posts

Posted 10 April 2008 - 10:31 AM

Update: hax.tor.hu now offers a nice unrestricted shell account to every user on a linux debian.


Talking about that, the server is down since quite a long time for patching reason. Any idea when it will be up again ? :ph34r:
Thanks for any info gagsec.

#24 satknis

satknis

    Corporal

  • Members
  • 162 posts

Posted 12 April 2008 - 03:33 AM

the 5 warmup confused me :)

#25 Major Clucker

Major Clucker

    Private

  • Members
  • 2 posts

Posted 27 April 2008 - 05:45 AM

Nice.

#26 virgoman

virgoman

    Private First Class

  • Members
  • 47 posts

Posted 27 April 2008 - 08:19 PM

This is a nice challenge ............ i'm at level 13..........looking to complete all levels

Virgoman...........>!!!!!!!!!!!!!

#27 virgoman

virgoman

    Private First Class

  • Members
  • 47 posts

Posted 07 October 2008 - 09:29 PM

Hi All,

I'm at level 24 at hax.tor.hu............can somebody here help me for level24?

Here is the challenge:
A military organization (Defense Intelligence Agency) has a test site under development that looks like the current one, only with smaller changes in design and content. Hint: [u][b]You will not find this specific site with search engines[/b][/u]. Do it somehow anyway, and write down the three headline words from the center (main) page that are bold, length 7, 6, and 6.

How can i find the test site without directly scanning the DoD IP range.........???

Thanks in advance...........Virgoman.......!!!!!

#28 virgoman

virgoman

    Private First Class

  • Members
  • 47 posts

Posted 09 October 2008 - 08:52 PM

Hi All,

I'm at level 24 at hax.tor.hu............can somebody here help me for level24?

Here is the challenge:

A military organization (Defense Intelligence Agency) has a test site under development that looks like the current one, only with smaller changes in design and content. Hint: [u][b]You will not find this specific site with search engines[/b][/u]. Do it somehow anyway, and write down the three headline words from the center (main) page that are bold, length 7, 6, and 6.

How can i find the test site without directly scanning the DoD IP range.........???

Thanks in advance...........Virgoman.......!!!!!


Please help me.............I'm just clue less with this level

#29 webdevil

webdevil

    Retired GSO General

  • Sergeant Major
  • 1,195 posts

Posted 09 October 2008 - 09:52 PM

If probably I could see the level myself only then would I be able to provide some help. I am not even sure what sort of challenges those are...
Thats probably why you arent getting any help :P

#30 virgoman

virgoman

    Private First Class

  • Members
  • 47 posts

Posted 10 October 2008 - 10:55 PM

If probably I could see the level myself only then would I be able to provide some help. I am not even sure what sort of challenges those are...
Thats probably why you arent getting any help :P

Ok ...wedevil....... can anybody help me to find out three headline words from the center (main) page that are bold, length 7, 6, and 6 from the site http://www.dia.mil....?

it seems to be too complex.......Virgoman......!!





Also tagged with one or more of these keywords: sql, hash, backdoor