Follow us on Twitter!
The measure of a mans life is not how well he dies, but how well he lives.
Saturday, April 19, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 22
Guests Online: 20
Members Online: 2

Registered Members: 82838
Newest Member: w1zarrd
Latest Articles
View Thread

HellBound Hackers | Challenges | Basic

Author

Basic 9 Tutorial


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 02-02-06 14:12
You have to know about html, php, sql injecting and poison null byte attack.
1) look at the source and find the directory where the form perform the searches; The initial message tell you clearly what is the name of the dir you need. However you can look at the source of the page or google it to find the dir.
2) Ever look all files and all sources. Find a page that is vulnerable to sql injection attack. Try it injecting a sql how y've done in basic8. The page display a password and a form to put her. Once you find that stop and turn to the start page. Else if you put the displayed password in this form you're redirected to a non existent page(in the wrong track).Ok? If you don't have time to spend once you have foud the sql injection vulnerable page turn to the start page.Let's say that is name is larika.php.
3) You have now to apply the Poison Null Byte attack to the larika.php page
from the start page. How the null byte work? What is it? Read about null byte and you'll easly understand how to use it.
Now begins the 2nd part of mission.
4) If all is right you are redirected to a page that tell you in clear and in the source the username and the password to beat the mission.
5) Turn in the start page and login with this information.

Thanks everybody that put helps,comments and hints in this forum!!
Author

RE: Basic 9 Tutorial


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-04-06 21:35
Larika wrote:
2) Ever look all files and all sources. Find a page that is vulnerable to sql injection attack. Try it injecting a sql how y've done in basic8. The page display a password and a form to put her. Once you find that stop and turn to the start page. Else if you put the displayed password in this form you're redirected to a non existent page(in the wrong track).Ok? If you don't have time to spend once you have foud the sql injection vulnerable page turn to the start page.Let's say that is name is larika.php.


back to this chapter Smile well you've mentioned some about basic 8, well ... there we had a database name .. a field name ... here we have nothin' ..


Author

RE: Still dont get it! Basic 9


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 19-04-06 13:06
can someone point me in the right direction for this Poison Null Byte challenge? I got all the others in Basic

and yes I have read the forums, and the articles, even ones oustide of the site (u mean theres an outsideShock) but no matter what i enter it just errors!

pointers would be good please?

*Edit - Nevermind, I got it. Grin

Cheers

Dantronix




Edited by on 19-04-06 15:10