SitePoint Sponsor

User Tag List

Page 1 of 3 123 LastLast
Results 1 to 25 of 62

Thread: Hack This Site

  1. #1
    SitePoint Wizard silver trophy someonewhois's Avatar
    Join Date
    Jan 2002
    Location
    Canada
    Posts
    6,364
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Hack This Site

    http://hackthissite.org

    How many points can you get? 160 for me so far.

  2. #2
    ********* Genius Mike's Avatar
    Join Date
    Apr 2001
    Location
    Canada
    Posts
    5,458
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    430
    Mike
    It's not who I am underneath, but what I do that defines me.

  3. #3
    SitePoint Wizard silver trophy someonewhois's Avatar
    Join Date
    Jan 2002
    Location
    Canada
    Posts
    6,364
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Which ones did you crack? Let's see your profile.

  4. #4
    ********* Genius Mike's Avatar
    Join Date
    Apr 2001
    Location
    Canada
    Posts
    5,458
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    I was joking

    When I beat your score I'll post
    Mike
    It's not who I am underneath, but what I do that defines me.

  5. #5
    masquerading Nick's Avatar
    Join Date
    Jun 2003
    Location
    East Coast
    Posts
    2,215
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I haven't gotten past logging in
    Nick . all that we see or seem, is but a dream within a dream
    Show someone you care, send them a virtual flower.
    Good deals on men's watches

  6. #6
    SitePoint Wizard silver trophy someonewhois's Avatar
    Join Date
    Jan 2002
    Location
    Canada
    Posts
    6,364
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    That's why I askeed for a profile check.

    I'm up to 190 now.

    If anyone cares, http://www.hackthissite.org/userinfo.php?id=hypreed is my account is my account - using my friends login, I'm too lazy to register, but my site's there.. and he didn't do any of them, as he's incompetent.

    Edit:
    Ranked 5828 of 67767 users with 230 points.
    Edit again:
    Ranked 4835 of 67770 users with 290 points.
    Last edited by someonewhois; Jul 9, 2004 at 07:56. Reason: Updating my uber score ;)

  7. #7
    Made with a Mac! philm's Avatar
    Join Date
    Sep 2001
    Location
    Portsmouth, UK
    Posts
    735
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    hehe, kinda fun, got upto 100.

    On the application challenges no. 2 i manage to find the url for the serial no.s but none of them work

    Same with no.3, got a URL that won't give in...

    All the others are PC .exe's, no good to me on a Mac

  8. #8
    SitePoint Wizard silver trophy someonewhois's Avatar
    Join Date
    Jan 2002
    Location
    Canada
    Posts
    6,364
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Really? I packet sniffed, got the URL (to the keys123.txt file), and took one of the keys and it worked fine. The first one I'll give you a hint: it's in the executable. All strings are in the .exe file (in Windows).. after the first one they use math equations and what not to generate it (using integers instead of strings). I don't remember how I did the third one... It's a good time waster.

  9. #9
    Made with a Mac! philm's Avatar
    Join Date
    Sep 2001
    Location
    Portsmouth, UK
    Posts
    735
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by someonewhois
    I packet sniffed.......
    heeh that sounds kinda like an addicition or something

    No idea what it means I just dragged it into BBedit and looked through all the garble.....

    I think I'll have to have another go on the PC later....

  10. #10
    SitePoint Wizard silver trophy someonewhois's Avatar
    Join Date
    Jan 2002
    Location
    Canada
    Posts
    6,364
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Heh, yeah, I just dragged it into Editplus (for the first one)
    Attached Images Attached Images

  11. #11
    SitePoint Wizard jax502's Avatar
    Join Date
    Jul 2003
    Location
    Jacksonville, FL
    Posts
    1,031
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hehe.. cool site..I'll play with it at home. Can't do it here at work.
    jax502

  12. #12
    SitePoint Zealot binchaud's Avatar
    Join Date
    Dec 2002
    Posts
    136
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I got to level 5 then got stuck.

  13. #13
    SitePoint Wizard silver trophy someonewhois's Avatar
    Join Date
    Jan 2002
    Location
    Canada
    Posts
    6,364
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Which one was level 5? The "Send sam his password" one or the secured "Send sam his password"?

  14. #14
    Phil fillup07's Avatar
    Join Date
    May 2002
    Location
    Jacksonville, FL
    Posts
    1,168
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I am also stuck on the improved "send sam his password"...

    I get
    Invalid referring URL. Nice try! You did something wrong... try changing your header to make me Believe!
    Any tips? I dont think I know how to change a header

  15. #15
    Made with a Mac! philm's Avatar
    Join Date
    Sep 2001
    Location
    Portsmouth, UK
    Posts
    735
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    hehe, that's where I moved onto the others

  16. #16
    Phil fillup07's Avatar
    Join Date
    May 2002
    Location
    Jacksonville, FL
    Posts
    1,168
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Fischer's Animal Products is also killing me :-)
    I've spent way too long on it... I can't figure out the sql injection I need.

    I've got the table name as level4_email and I've done stuff like this:
    http://www.hackthissite.org/missions...,2,@@version,4
    (added a row)...
    But I can't figure out how to make it list the records from level4_email table.

  17. #17
    SitePoint Wizard silver trophy someonewhois's Avatar
    Join Date
    Jan 2002
    Location
    Canada
    Posts
    6,364
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hmm.. it seems that the $_REQUEST['category'] is the table FIELD.. which is really stupid.

    If you go ?category=test

    It says
    Products

    SQL error. Unknown column 'test' in 'where clause'
    Column? Hmm. Is it possible to do a leftjoin after a WHERE?

    Poetry one was easy... It's a file manipulation.

    You just have to add a poem that's called ../index.html, and it overwrites the hacked one.. not sure if it requires you to copy the proper poetry one in or not, I did

  18. #18
    SitePoint Wizard silver trophy someonewhois's Avatar
    Join Date
    Jan 2002
    Location
    Canada
    Posts
    6,364
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Also, for the send sam his pwd: http://refspoof.mozdev.org/

  19. #19
    Phil fillup07's Avatar
    Join Date
    May 2002
    Location
    Jacksonville, FL
    Posts
    1,168
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I've got 240 so far...

  20. #20
    SitePoint Zealot
    Join Date
    May 2001
    Location
    UK
    Posts
    184
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Nice site.

    Did the Basic / learning ones yesterday and some of missons (1,2,3,5,6,7) today .. I think there is a bug in 4 as I get an SQL error and heard others got the same.

    Ranked 2836 of 68158 users with 525 points.

    Will save the other missons and application stuff for another day I think :-)

    Do you know any similar sites?

  21. #21
    SitePoint Wizard silver trophy someonewhois's Avatar
    Join Date
    Jan 2002
    Location
    Canada
    Posts
    6,364
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    The third one gives a PHP error, and that relates to the 4th one. When you punch the pwd into stage 4, it actually passes stage 3 for you, instead. Kind of confusing.

  22. #22
    SitePoint Wizard silver trophy someonewhois's Avatar
    Join Date
    Jan 2002
    Location
    Canada
    Posts
    6,364
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Which ones did you pass MPK?

    I'm at:
    Ranked 4433 of 68160 users with 330 points.

    Realistic Missions
    Level 1 complete
    Level 2 complete
    Level 3 complete

    Basic Web Hacking
    Level 1 complete
    Level 2 complete
    Level 3 complete
    Level 4 complete
    Level 5 complete
    Level 6 complete

    Application Challenges
    Level 1 complete
    Level 2 complete
    Level 3 complete

  23. #23
    SitePoint Zealot
    Join Date
    May 2001
    Location
    UK
    Posts
    184
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hiya
    Sorry, I mean Stage 4 on the realistic missions.

    Realistic Missions
    Level 1 complete
    Level 2 complete
    Level 3 complete
    Level 5 complete
    Level 6 complete
    Level 7 complete

    Basic Web Hacking
    Level 1 complete
    Level 2 complete
    Level 3 complete
    Level 4 complete
    Level 5 complete
    Level 6 complete
    Level 7 complete
    Level 8 complete
    Level 9 complete

    As expected you get more points for the harder ones. Once all the missons are completed I believe that gives you about 2300.

    I read the forums a few times when I got stuck though so its not like I did it off the top of my head.. one day

    Personally I thought the one they classifeid as hard, #7 was actually easier than the others in some ways, as in the process is easier, but I guess working out what to do may be the harder part.

  24. #24
    ********* Genius Mike's Avatar
    Join Date
    Apr 2001
    Location
    Canada
    Posts
    5,458
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by someonewhois
    Also, for the send sam his pwd: http://refspoof.mozdev.org/

    What exactly does the script want as the referrer?
    Mike
    It's not who I am underneath, but what I do that defines me.

  25. #25
    ********* Genius Mike's Avatar
    Join Date
    Apr 2001
    Location
    Canada
    Posts
    5,458
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    I cant even get #2 under realistic missions.

    Man i suck at hacking
    Mike
    It's not who I am underneath, but what I do that defines me.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •