Donate to us via Paypal!
You cannot teach a man anything; you can only help him find it within himself. - Galileo
Saturday, November 28, 2020
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 98
Guests Online: 96
Members Online: 2

Registered Members: 130552
Newest Member: Johnfoege
Latest Articles

View Thread

HellBound Hackers | Computer General | Web hacking

Page 1 of 2 1 2 >
Author

Penetration Testing


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 21-11-06 20:14
Hi,

I've been coding my personal blog and have come to the point of releasing it to the public. I am now looking for people to try and hack the site. Anyone interested post here

---

mozzer

URL: PHP-GSY


Author

RE: Penetration Testing

Mr_Cheese
Member



Posts: 2468
Location: Brighton, UK
Joined: 30.11.04
Rank:
Uber Elite
Posted on 21-11-06 20:21
if you want it professionally penetration tested contact me and i can organise a very reasonable price. full reports are given etc etc


Author

RE: Penetration Testing


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 21-11-06 20:22
I meant it more as a challenge for the HBH users, but if I ever do need something like that done I'll keep you in mind


Author

RE: Penetration Testing

SySTeM
Member

Your avatar

Posts: 1524
Location: England, UK
Joined: 27.07.05
Rank:
HBH Guru
Posted on 21-11-06 20:38
"Copywrite" lolz Pfft


img138.imageshack.us/img138/6527/sig2ak1.jpg
www.hellboundhackers.org/sig/r/2783.png

http://www.elites0ft.com/
Author

RE: Penetration Testing


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 21-11-06 20:44
Meh, someone has already pointed that out to me at school. Forgot to change it

Thanks system SmileSmile


Author

RE: Penetration Testing


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 21-11-06 20:53
Upon careful review of......1 minute, i have found....
*dramatic sequence*

Incorrect is spelt incorrect!

buahahahahah...:ninja:


Author

RE: Penetration Testing


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 21-11-06 20:55
Where? Post a comment on the site so I can find it. (NB, you don't have to use a real email)

[EDIT=1]
* Slaps head
[/EDIT]




Edited by on 21-11-06 21:10
Author

RE: Penetration Testing


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-11-06 11:45
so this blog uses readblog.php script to read blogs. so if i select some nonexistant id or i just dont sellect it at all(exmp: http://phpgsy.com/readblog.php?id=99) i can add comments on a empty blog?!
Its not vuln, but still it should be fixed Smile
cya
Author

RE: Penetration Testing


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-11-06 12:52
Well spotted, I never noticed that, thank you


Author

RE: Penetration Testing


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-11-06 13:07
again, a funny bug...
in admin.php if u add argument comment with some value it would add that value bellow the 'submit' button.
exmp: admin.php?comment=roflmao would add 'roflmao' bellow the submit button
Author

RE: Penetration Testing

AldarHawk
Member



Posts: 1690
Location: Canada
Joined: 26.01.06
Rank:
Hacker Level 1
Posted on 22-11-06 14:42
Most likely not anything big but if you post a comment that is blank with all the other fields blank it still posts. Might want to add a if statement to avoid null floods.


Just ask Yahoo!Taboo! http://www.erikwestlake.com
Author

RE: Penetration Testing


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-11-06 15:24
Well I tried some common xss'ploits and they didn't work.



Stupid html entities :X

Smile - nice site


Author

RE: Penetration Testing


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-11-06 16:34
@Aldar, yes I am going to be improving the comments to stop null and repeat comments


Author

RE: Penetration Testing


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-11-06 16:36
only wrote:
again, a funny bug...
in admin.php if u add argument comment with some value it would add that value bellow the 'submit' button.
exmp: admin.php?comment=roflmao would add 'roflmao' bellow the submit button


I haven't found that, I dunno if thats just you. Anyone else seen it?


Author

RE: Penetration Testing


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-11-06 16:58
only wrote:
again, a funny bug...
in admin.php if u add argument comment with some value it would add that value bellow the 'submit' button.
exmp: admin.php?comment=roflmao would add 'roflmao' bellow the submit button



mozzer wrote:
I haven't found that, I dunno if thats just you. Anyone else seen it?


Doesn't work for me. "only", what browser are you using?


Author

RE: Penetration Testing


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-11-06 17:20
my mistake its 'content' not 'comment' Smile

i use firefox btw

screenshot: milan.ninet.co.yu/only/phpgsy.jpg



Edited by on 22-11-06 17:22
Author

RE: Penetration Testing


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-11-06 17:29
that bug is now officially confirmed, works here too. Oh btw "only", please resize or remove that img pleeeaaase Pfft ITS SO HUGE xD


Author

RE: Penetration Testing


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-11-06 17:37
done, sorry about that one Smile
Author

RE: Penetration Testing


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-11-06 17:40
I know it is a problem. It's the host's damn register_globals


Author

RE: Penetration Testing


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 23-11-06 12:06
ok i have an idea. in the admin.php maybe u can change the author by a javainj or something and then try to login? its just a proposition i dunno if it works, and im kinda busy lately so i have no time to try out.
cheers
Page 1 of 2 1 2 >