Basic 9
Guest
Posted on 01-10-05 18:10
Could someone give me some help on what to do for 9 pls??? I'm 100% confused. I found every file/pass that is needed for basic 8 except that I get an error when I try to log in using one of the files.

Am I missing something or is the challenge broke?


RE: Basic 9
Guest
Posted on 01-10-05 18:21
Yeah, I've gotten to the login screen with the two password boxes and I know I need something from basic 8, but what is it that you could use? I've gone through basic 8 5 times and there's nothing there that basic 9 could use.


RE: Basic 9
Guest
Posted on 01-10-05 19:49
Glad to know it's not just me ;)


RE: Basic 9
Guest
Posted on 04-10-05 00:59
I have found that it has something to do with NULL and how the search engine works, like in the POST variable codes (if you know PHP you know what I am talking about). Where the file search is, you have to put in something like ../(file you want to view in previous folder)%00. This is a common exploit that was used for CGIs (yuk!). Even though the file may not permit you to access it, it will, because it thinks it's a NULL command after it is executed (i.e. executing the command, without it knowing it is).

That is all the info I have gotten with the NULL command, and it hasn't seemed to help, but maybe it will help piece the puzzle together.


RE: Basic 9
Guest
Posted on 04-10-05 02:26
Which leaves us to the question of what unobtainable file do we need to get? I know the exploit you are talking about and it seems a bit logical for the mission, but I am not sure if this is the right direction.

When it says "cannot be injected by the url" it would make you think we would be using SQL injection, right?

RE: Basic 9
Guest
Posted on 04-10-05 05:55
Well, injection can mean many things: trojan injection, Java injection, SQL injection, etc. Maybe a JavaScript command to change the way search.php searches for the files?


RE: Basic 9
Guest
Posted on 05-10-05 00:10
But the only sensible injection on this mission seems to be SQL related. Though this mission seems to be full of a lot of rubbish and really throws you off track not knowing if everything is relevant to the winning of the mission or not.

RE: Basic 9
Guest
Posted on 05-10-05 15:17
Got it now, thx to hackerbabe ;)

Think about the Poison Null Byte exploit ;)

btw, there are some MAJOR spoilers in previous topics, clear them please!!!


RE: Basic 9
Guest
Posted on 07-10-05 23:46
Well, I was looking around again and I decided not to search the login but search the search, and then it said in bold that I was in the file... Do I do something from here? If I do, I tried to do an SQL inject where the FROM is from the search.

Is that right?


RE: Basic 9
Guest
Posted on 08-10-05 02:30
Yeah, saying you're inside the file intrigued me, although you can't see what the file consists of. I'm guessing direct access to the file bypasses the security features, so you can inject SQL?

Just a hint on where to inject this damn code is needed.

RE: Basic 9
Guest
Posted on 09-10-05 18:07
Yeah, just a small hint is good enough... that way I can get this over with.. :)


RE: Basic 9
Guest
Posted on 22-11-05 12:27
Heh, I used the %00 thing :)
Although I don't understand it, I just guessed where to put it... someone explain the idea to me please :)


RE: Basic 9
Guest
Posted on 22-11-05 17:34
* hint * parse the null byte through the search form not into the URL...

Edited by on 22-11-05 17:34
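
For readers asking how the %00 idea discussed in this thread works, here is an added example that is not part of any post above and is not the challenge's code. It shows why a suffix check in a script disagrees with what a C-level file API sees once a NUL byte is in the name, and how a file-search handler can reject such input. The names ALLOWED_EXT, safe_resolve and the sample form value are assumptions made up for the illustration.

```python
# Added example: ALLOWED_EXT, the sample form value and all function names are
# constructed for illustration; none of them come from the challenge.
import os
from urllib.parse import unquote

ALLOWED_EXT = ".txt"  # assumed rule: the search may only open .txt files


def naive_check(decoded: str) -> bool:
    """Suffix-only check, the kind an embedded NUL byte defeats."""
    return decoded.endswith(ALLOWED_EXT)


def c_string_view(decoded: str) -> str:
    """What a C file API (char *) sees: the bytes before the first NUL."""
    return decoded.split("\x00", 1)[0]


def safe_resolve(root: str, raw_param: str):
    """Return a canonical path inside root, or None if the input is rejected."""
    decoded = unquote(raw_param)
    # 1. Refuse NUL and other control characters rather than stripping them.
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in decoded):
        return None
    # 2. Canonicalise first, then validate the canonical form.
    root_real = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root_real, decoded))
    # 3. The result must stay under root (blocks ../ and absolute paths).
    if os.path.commonpath([root_real, candidate]) != root_real:
        return None
    # 4. Check the extension on the path that would actually be opened.
    if os.path.splitext(candidate)[1].lower() != ALLOWED_EXT:
        return None
    return candidate


def demo():
    """Show the mismatch between the script's view and the C-level view."""
    decoded = unquote("../config.php%00.txt")  # constructed form value
    return naive_check(decoded), c_string_view(decoded)


if __name__ == "__main__":
    print(demo())
    print(safe_resolve("/srv/search", "../config.php%00.txt"))
    print(safe_resolve("/srv/search", "notes.txt"))
```

The check runs on the decoded value, so it applies equally whether the parameter arrives in the URL or in a form field.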