HellBound Hackers
Join us at IRC!
Hacking isn't just Computers & Exploits. It's a Philosophy. - Mr_Cheese
Thursday, May 17, 2012
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
HellBoundHackers Additional:
Shop
Learn
Communicate
Submit
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Interact
Other
HellBoundHackers Executive:
HellBoundHackers Leisure:
Members Online
Total Online: 32
Web Spiders: 13
Guests Online: 28
Members Online: 4
newbee, spyware, barelylistening, flame_1221

Registered Members: 70039
Newest Member: p0isoN
Latest Articles

Realistic 8



FLV Blaster - Download Music and Videos Faster

website security How to complete Realistic 8...fairly easily



Realistic 8

This is a guide on how to complete Realistic Challenge 8

Okay i read another article on this challenge which had some code and spoke about cURL and php etc...
That isn't the only way you can complete this challenge.

I recommend you Google > 'Buffer Overflow' for more information.

Buffer overflow:-
'Buffer overflows may cause a process to crash or produce incorrect results. They can be triggered by inputs specifically designed to execute malicious code or to make the program operate in an unintended way. As such, buffer overflows cause many software vulnerabilities and form the basis of many exploits. Sufficient bounds checking by either the programmer or the compiler can prevent buffer overflows.' Wikipedia

In a scenario like this one, to determine if it is buffer overflow vulnerable then you would put in the correct username,
a random password. Hit enter and it will say invalid password. Now you keep refreshing as fast as possible, (Hint// using firefox hitting F5 then enter works a treat)

Once you have promptly refreshed the page about 20 something times then the data is corrupted and it goes in your favour.
Now you are logged in, time to complete the rest of the challenge.

Please comment and rate this article
Feel free to PM if you need extra help

The_Flash
security article Posted by the_flash on May 09 2006 - 17:26:47   |    23 Comments | 6323 Reads | Print print this tutorial

Comments

AldarHawk on May 09 2006 - 17:41:16
Nice article. I actually put in the password for this one though :p Either way will work.
cubeman372 on May 09 2006 - 18:58:59
Wow what a quick way to complete it, Buffer Overflow's rock Superbly Awesome :)
LiveFastDieFun on May 09 2006 - 19:03:08
Wow. This article is going to help my a lot. Is this challenge suppose to be completed this way?
mozzer on May 09 2006 - 19:04:14
Nice, helped loads for those of us who couldn't do the remote brute force
system_meltdown on May 09 2006 - 19:20:34
Great article flash!
H-oLm35 on May 12 2006 - 16:01:20
yep
paintballa_4life2005 on May 29 2006 - 22:54:38
Good article for completing the challenge, but realistically you will NEVER find a buffer overflow like this, it's not even really a buffer overflow. For an excellent article on Buffer overflows and how to exploit them check this out http://www.insecure.org/stf/smashstack.txt Good job on the article.
Aciid_nuk3r on June 18 2006 - 17:39:35
Thank's man, helped me out a LOT and gave me some nice knowledge
ranma on October 08 2006 - 02:35:35
W00P. Thanks! 60 points
Moonbat on November 02 2006 - 03:10:35
This is awsome man! Are buffer overflows possible on logins without a database check, or is this only for this challange?
Placebo on November 09 2006 - 05:41:35
Thank you very much. This article helped me out greatly.
xMikey on November 14 2006 - 22:46:47
I did it the easy way and set Opera to reload the page every second. Didn't have to do any work at all. B) lol, anyways thanks for this...I was completely stumped on what to do before I read this!
revolt0163 on December 05 2006 - 03:09:47
3876 - it WOULD be possible to find a buffer overflow like this, if the server application stored the requests for a short period of time, but you wouldn't get a login. the server would probably just crash (or if you crafted some shellcode you could get the server to run it)
Little Bad Wolf on February 07 2007 - 19:31:51
Maybe stupid question, but how many challenges that overflow works?B)
kaksii on February 19 2007 - 15:02:05
This is awesome article. Much better than other article. Thanks
zi_hunter on May 01 2007 - 10:39:04
That's a awesome article. Thank you Flash ;)
christian879 on September 22 2007 - 14:18:08
Awsome article!:ninja::evil::D
Zephyr_Pure on October 08 2007 - 16:52:25
That trick rocks. Real 8 in 2 minutes. B-)
123TommY321 on March 29 2008 - 22:05:47
tnx it was awsome!!!
macfarlanet on September 19 2008 - 11:01:51
Nice!!! I've always wanted to do a buffer overflow (albeit not an entirely realistic one) in a challenge.
M4zh4r on October 08 2008 - 08:15:56
You rock Flash..
ShadyTyrant on October 22 2008 - 06:37:55
Good article but I think you gave away to much. You basically give a step by step on how to completed this. To much of a spoiler but it is a better way then the brute force. I figured it out because I was testing XSS and SQL injection on the form and just entered in to much data.
Stormbringer on July 04 2009 - 02:27:06
Very nice. Thanks Flash :happy:
Post Comment

Sorry.

You must have completed the challenge Basic 1 and have 100 points or more, to be able to post.
Ratings
Rating is available to members only.

Please login or register to vote.
Awesome! 94% [29 Votes]
Very Good 3% [1 Vote]
Good 3% [1 Vote]
Average 0% [No Votes]
Poor 0% [No Votes]
Guest
Username

Password

Remember Me


Bookmark This Page
Affiliates
Adverts

 

 

Links

Anime Wallpaper Site
By using, viewing or obtaining any information contained on this site, you agree to the disclaimer.

© HellBound Hackers 2008- 2009. Since 3rd December 2004.

20561722 Unique Visits

Powered by HBH-Fusion