Follow us on Twitter!
Hacking isn't just Computers & Exploits. It's a Philosophy. - Mr_Cheese
Friday, April 25, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 24
Guests Online: 22
Members Online: 2

Registered Members: 82910
Newest Member: toni7
Latest Articles
View Thread

HellBound Hackers | Computer General | Increasing Security

Author

Yes I am a Noob....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-08-08 17:15
Just thought I would get all of the 'what a noob' comments out of the way. I have not hacked anything, except for the 2 basic challenges I had to finish before I could post. Thanks for making those pretty easy by the way.

OK, why I am here. Over the past several years I have been teaching myself web coding. I am a graphic designer, and I really enjoy coding. I can use HTML, CSS, and php. My latest site is valid in HTML 4.01, CSS level 2, and WAI-AAA WCAG 1.0.

I am increasingly concerned about the security of my sites, especially my private family site. I have learned that my site is vulnerable to XSS, through a little test I found by googling it, though I am not sure how to fix this or what this issue really means. I have a php/mysql login script, and I don't think I have ever been hacked.

I would also like to take a look into some other sites that are protected in the same way. Is it illegal to get past someone's login script and just look at the content that is behind it?

I am really excited about learning about web site security. I also think your challenges are fun, so I am going to keep trying to do those, I hope they don't get to hard to fast!

Thanks for all of your help in advance!!

Oh, I forgot I wanted to tell you all a little about myself. I am, hmm, I wonder what is relevant here....

Female
Thin/Average Height
Late 20's
from Kentucky, USA
married
anything else, just ask
Author

RE: Yes I am a Noob....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-08-08 17:29
BitchCoder wrote:
Female
Thin/Average Height
Late 20's


Hey I'm pretty close we should hook up B)


Author

RE: Yes I am a Noob....

Mr_Cheese




Posts: 2468
Location: Brighton, UK
Joined: 30.11.04
Rank:
Uber Elite
Posted on 26-08-08 17:34
BitchCoder wrote:
My latest site is valid in HTML 4.01, CSS level 2, and WAI-AAA WCAG 1.0.


we use XHTML nowadays Wink


but good to hear that you are here for the right reasons. I hope you learn a lot from this site.
http://www.hellboundhackers.org/
Author

RE: Yes I am a Noob....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-08-08 17:38
slpctrl wrote:
BitchCoder wrote:
Female
Thin/Average Height
Late 20's


Hey I'm pretty close we should hook up B)


She's married man. Wtf Pfft

As for bitchcoder, what level of XSS are we talking here? Low-level, persistant?


Author

RE: Yes I am a Noob....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-08-08 17:38
slpctrl wrote:
BitchCoder wrote:
Female
Thin/Average Height
Late 20's


Hey I'm pretty close we should hook up B)


miss the "married" part? Grin
Author

RE: Yes I am a Noob....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-08-08 17:39
Welcome to hbh!


Author

RE: Yes I am a Noob....

clone4
Member



Posts: 586
Location: He is back and he's bad!
Joined: 25.11.07
Rank:
Mad User
Posted on 26-08-08 17:42
BitchCoder wrote:
slpctrl wrote:
BitchCoder wrote:
Female
Thin/Average Height
Late 20's


Hey I'm pretty close we should hook up B)


miss the "married" part? Grin


We usually see only what we want to Grin

Anyway welcome and enjoy the ride Wink


[img][/img]img164.imageshack.us/img164/5713/perlvl0.jpg

clone4.freehostia.com/ubuntu_3.png
spyware - "They see me trollin'..."
<yaragn> ever seen that movie? The Matrix?
<yaragn> with those green lines of flying text?
<yaragn> *THAT'S* Perl

clone_4@hotmail.com
Author

RE: Yes I am a Noob....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-08-08 17:43
I meant XHTML, sorry.

I am not sure what level we are talking about, I really don't know where to start when it comes to this stuff. I taught myself to code by doing one thing I wanted the site to do at a time.

I ran a little 'test' at http://searchsoftwarequality.techtarget.com/tip/0,289483,sid92_gci1159276,00.html. It didn't show up as step 4, but as step 5, aka, didn't show up on the page, but was in the source code.

If you would like to see my site PM me, I would rather it not be public, and this profile not be related back to my business. I doubt ppl around here would hire a web designer that was active on a hacking web site.
Author

RE: Yes I am a Noob....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-08-08 17:47
Forgot, the web site I am concerned about is not XHTML, CSS, or any other compliant. It was my first baby, and I haven't updated it yet. I am planning a restructuring as soon as I feel up to it. It's been the same site with just personal updates for years. When I start to change it I always get a little sadSad
Author

RE: Yes I am a Noob....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-08-08 17:50
BitchCoder wrote:
I meant XHTML, sorry.

I am not sure what level we are talking about, I really don't know where to start when it comes to this stuff. I taught myself to code by doing one thing I wanted the site to do at a time.

I ran a little 'test' at http://searchsoftwarequality.techtarget.com/tip/0,289483,sid92_gci1159276,00.html. It didn't show up as step 4, but as step 5, aka, didn't show up on the page, but was in the source code.

If you would like to see my site PM me, I would rather it not be public, and this profile not be related back to my business. I doubt ppl around here would hire a web designer that was active on a hacking web site.


Where did you submit that query? Was it the login box that was in that document?
Yeah, you can hit me up on PM or AIM if you want it to be faster.


Author

RE: Yes I am a Noob....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-08-08 17:51
login box
Author

RE: Yes I am a Noob....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-08-08 17:51
Hi BitchCoder, I fucking hate noobs.
It's one thing to declare yourself new to something, or a beginner, or bewildered by a subject, but people proudly declaring themselves noob is idiotic since it's about as stupid as a retarded kid who's been hit over the head with a frying pan.
Anyhow, that's just a personal annoyance of mine, after all it was just a dumbass phrase used as an introduction and you know how first impressions never last.

Welcome to HBH Grin


Author

RE: Yes I am a Noob....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-08-08 17:54
I read alot of the other forums here before posting. I just wanted to make it clear that I understood part of joining a forum like this is I was going to ask stupid questions (to the reader anyway) and say things you thought would be stupid. Then someone would make fun of me being a noob, so I just got it out of the way.

Peace.
Author

RE: Yes I am a Noob....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-08-08 18:00
My point is; you don't do any good by saying anything like that, we're all new at some point, what you do is call unnecessary attention to it. If a question is considered stupid, calling a lot of attention to it beforehand won't change anything about the question itself.
Just have some pride and if you want to tell everyone that you're new, just say that you are indeed new to the subject, that's all. There's no need to publicly insult yourself.


Author

RE: Yes I am a Noob....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-08-08 18:00
BitchCoder wrote:
login box


Low-level. Not exactly something incredibly urgent and dangerous.
Learn how to patch it (very simple) & learn how attackers would use it (so if another one is found, you won't get fucked over by it).


Author

RE: Yes I am a Noob....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-08-08 18:03
What about other security threats, how do I look for them?
Author

RE: Yes I am a Noob....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-08-08 18:07
BitchCoder wrote:
What about other security threats, how do I look for them?


Learn about them. For beginner site admins who don't have the means to get a professional audit job done Acunitex and other vulnerability scanners are going to be your friends. Hundreds to thousands of different attacks with fast results. You can look at their output to see possibly how they would attack through it and also, possibly patch options.

You can learn about how the exploits work after you patch them, seeing as that seems to be your first worry.


Author

RE: Yes I am a Noob....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-08-08 18:33
Welcome to HBH feel free to PM me if you have any questions and I will try my best to help you.