SySTeM
Offline| General Information | |||
 | Email Address: | Not Specified | |
| Location: | England, UK | ||
| Birthdate: | December 12 1991 | ||
| ICQ#: | Not Specified | ||
| MSN ID: | Not Specified | ||
| Yahoo ID: | Not Specified | ||
| AIM: | Not Specified | ||
| Rank: | HBH Guru | ||
| Title: | Member | ||
| Website URL: | http://www.elites0ft.com/ | ||
| Statistics | |||
| Date Joined: | July 27 2005 - 16:39:08 | ||
| Shoutbox Posts: | 0 | ||
| Comments Posted: | 366 | ||
| Forum Posts: | 1524 | ||
| Last Visit: | July 22 2013 - 10:35:22 | ||
| Point Ranking | 216 of 4457 | ||
| Community Points | 0 | ||
| Member Status: | Member | ||
| Challenges | Points: 1675 | ||
| Basic Challenges | 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29 | ||
| Flash Challenges | 1, 2, 3, 4 | ||
| Javascript Challenges | 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 | ||
| Realistic Challenges | 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18 | ||
| Rooting Challenges | 1, 2, 3 | ||
| Application Challenges | 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17 | ||
| Encryption Challenges | 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12 | ||
| Logical Challenges | 1, 2, 3, 4, 5, 6, 7 | ||
| Social Challenges | 1, 2 | ||
| Stegano Challenges | 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27 | ||
| Tracking Challenges | 1, 2 | ||
| Patching Challenges | 1, 2, 3, 4 | ||
| App Patching Challenges | 1, 2 | ||
| Timed Challenges | 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11 | ||
| Other Challenges | 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 | ||
| Pen Testing 1 | Points accumulated: 0 out of 350 | ||
| Pen Testing 2 | Points accumulated: 0 out of 175 | ||
| Programming Challenges | Coded Application Challenge 12 for HBH: 20 points Coded Application Challenge 13 for HBH: 45 points Coded Application Challenge 16 for HBH: 70 points Coded Basic 18 for HBH: 35 points Coded Basic 19 for HBH: 30 points Coded Basic 24 for HBH: 40 points Coded Basic 28 for HBH: 40 points Coded Basic 29 for HBH: 70 points Coded Javascript Challenge 10 for HBH: 15 points Coded Javascript Challenge 11 for HBH: 15 points Coded Pen-Testing 1 for HBH: 175 points Coded Timed 1 for HBH: 20 points Coded Timed 5 for HBH: 30 points Coded Timed 6 for HBH: 35 points Coded Web Patching Challenge 3 for HBH: 10 points Coded Web Patching Challenge 4 for HBH: 40 points Created Other 16 for HBH: 15 points Created Realistic 17 for HBH: 80 points Created Stegano 15 for HBH: 30 points First Place in PHP Optimization Competition: 100 points First Place in SEO Competition: 100 points HBH Penetration Testing Competition: 50 points HBH Zine Comp: 10 points | ||
Send a private message | Report for private message spam | ||
Articles by SySTeM
|
Codes by SySTeM
|
Signature of SySTeM
Hall of Fame entries for SySTeM
| XSS in members.php | |
| Reward | 50 points |
| Description | SySTeM was able to find xss exploits in the members.php page by using the unfiltered variables. |
| XSS | |
| Reward | 100 points |
| Description | SySTeM was able to inject XSS into a function on the PM system. This could lead to stealing admin cookies. |
| [IMG] Tag XSS vulnerability | |
| Reward | 75 points |
| Description | SySTeM was able to escape our filters and insert a line segment that would allow him to make an alert box on any page that allowed BB code. |
| XSS in Realistic 8 | |
| Reward | 30 points |
| Description | SySTeM was able to include html tags in his refer. This refer was then logged in real 8 and anyone attempting the challenge would execute his code. |
| cURL Script | |
| Reward | 40 points |
| Description | SySTeM used a cURL script in PHP to view the admin shoutbox entries. |
| Blind MySQL Injection | |
| Reward | 100 points |
| Description | SySTeM found a blind mysql injection vulnerablity in the PM system |
| CSRF Via Variable Injection | |
| Reward | 35 points |
| Description | SySTeM was able to use a variable injection string (http://www.hellboundhackers.org/?_POST=lol=rofl.png) inside an image tag which would log someone out. |
| XSS in print.php | |
| Reward | 30 points |
| Description | SySTeM was able to post an article containing html, and then when a user goes to the print view of the article, the code would run. |
| UTF-7 XSS On Error Pages | |
| Reward | 50 points |
| Description | SySTeM found an XSS vulnerability using the UTF-7 charset, http://www.hellboundhackers.org/\\\+ADw-script+AD4-alert(/xss/)+ADw-/script +AD4---//--, which when run with firefox, or internet explorer with character set auto detection turned on, caused an alert to appear. |