Follow us on Twitter!
You cannot teach a man anything; you can only help him find it within himself. - Galileo
Friday, April 18, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 31
Guests Online: 25
Members Online: 6

Registered Members: 82829
Newest Member: mmoclauq
Latest Articles

Pen Testing 2

Arrow Image If you need hints because you are still stucked with pen test 2, this article is written for you.



I made this article for help people because there wasn\'t any writing about this topic before. This is my first one so please don\'t rate me so cruel. :)

0x01. Let\'s get in!
With this challenge like all the others you should start with collecting information. Read all texts, check sources, urls, input fields and take notes. When you are finished with this you should know where are the inputs of the site. Don\'t think too hard it isn\'t sql injection just relax and make the simplest thing you can ever imagine. [60 points]

0x02. Show off!
After you logged in you will see a bunch of new interesting stuffs so you will be able to extend your sketches. I\'m sure about that you have already found an interesting file which you wanted to see so bad just you wasn\'t able to do that before. Now the time is arrived. [35 points]

0x03. Make my wish!
I guess you basically don\'t wish that to anybody (or at least I hope) but it is a simulation and you need to find a security hole. If you figured out what I was talking about ask yourself. Is only that user able to do that? [10 points]
Notes: You can do the same exploit with other things too. :)

0x04. Bad joke time!
If you figured out what I meant last time it was mentioned there will be a related exploit. But this time you should joke with it all around instead of playing with yourself. [40 points]

0x05. Change my mind!
If you are here it means you did various things with the site. But it still seems to belong to Moshbat. Is there any way to create the site to your own image? [30 points]

I hope that you enjoyed the article and it helped you to find the exploits without ruining the wonder of discoveries. I wish you the best and if you get stucked so bad drop me a pm.

May the force be with you! ♥
psyl0cke

Comments

Rap70ron July 16 2013 - 18:34:15
Very informative and apposite tutorial with no spoilers. I think users will find this very helpful since there are minimal information regarding pen testing 2. Nice work psyl0cke Thumbs Up
psyl0ckeon July 17 2013 - 08:40:43
Thanks for the nice words. I'm so happy about your comment. Smile
Post Comment

Sorry.

You must have completed the challenge Basic 1 and have 100 points or more, to be able to post.