Security Basics mailing list archives
Re: hax.tor
From: Daniel Grant <daniel () britishemail co uk>
Date: Tue, 27 Nov 2007 16:58:50 +0000
Yeah - after a good nights sleep and some coffee I got there- the last one was fun - gotta say, I think number 4 was the most difficult to get out of the first 5.
jeffrey rivero wrote:
That last one was fun jeffrey rivero wrote::)use an inline HTML editor or a debug tool and edit the Options of the form (you can change one to pear):) Daniel Grant wrote:Level 3 has completely got me too - I tried all sorts, but either im short on coffee or not bright enough.Anyone got it yet? Rivest, Philippe wrote:They just want to see if you can do a banner grabbing, theres really nothing to it. But I do agree that choosing the FBI is a very very VERY bad way to be serious, it is sending out the Hacker VS the law image and I would go against this.Anyhow anyone that can give me a hint to pass level 3 would be appreciated; I tried saving the source to my pc and adding Pear as a value. Didn't knowAny clue? MerciPhilippe RivestMétro Richelieu Analyste en sécurité & Certified Ethical Hacker 514-662-3300x3115 P Est-ce vraiment nécessaire d'imprimer cette page ? -----Message d'origine-----De : listbounce () securityfocus com [mailto:listbounce () securityfocus com] De la part de Zimler Attila TamásEnvoyé : lundi 26 novembre 2007 12:29 À : 0x90 Cc : security-basics () securityfocus com Objet : Re: hax.tor 0x90 wrote:Dear List, let me bring to your attention a site that deals with basic security issues presented in a hackme-fashion way. You advance on very easy levels that have hints to them and will teach you something useful in everyday IT sec. Examples: - exploiting buggy custom PHP scripts: bugs are taken from real life - SQL injection - decoding an MSSQL password from a sniffed login sequence - decoding wcx_ftp.ini passwords - googling the smart way - looking up virtualhosts on a webserver - spoofing http headers - exploiting legal usage of web services for misc purposes - basic mathematics: base. binary, equation - realistic and (legal) _REALITY_ missions - recognizing and decoding md5/des/base64/etc - google word game ( telnet://hax.tor.hu ) - forging a DNS request - decrypting MS-Word documents - out-of-the-box thinking Along the levels, you will find funny pictures to relax with, music to listen to, maybe even ascii cow art :-)If you are interested in the above, you may check it out here. (this is a minimalistic site, there are no ads or overcrowded menus)http://hax.tor.hu/ Have a nice day, 0x90What do you want to SSH connect to FBI-s homepage?If this is a game, why don't you provide yourself the target for scanning it?Attila
Current thread:
- hax.tor 0x90 (Nov 26)
- Re: hax.tor Zimler Attila Tamás (Nov 26)
- RE: hax.tor Rivest, Philippe (Nov 26)
- Re: hax.tor Daniel Grant (Nov 26)
- RE: hax.tor Rivest, Philippe (Nov 26)
- Re: hax.tor jeffrey rivero (Nov 27)
- Message not available
- Re: hax.tor Daniel Grant (Nov 27)
- Re: hax.tor Peter Harmsen (Nov 27)
- Message not available
- Re: hax.tor Captain Bock (Nov 27)
- RE: hax.tor Melissa (Nov 28)
- RE: hax.tor Rivest, Philippe (Nov 26)
- Re: hax.tor Zimler Attila Tamás (Nov 26)
- Re: hax.tor Michael Argyriou (Nov 27)
- Re: hax.tor 0x90 (Nov 27)
- Re: hax.tor Robert Larsen (Nov 27)