Valhalla Legends Forums Archive | Fun Forum™ | Try 2 Hack.NL Challenge ;D

AuthorMessageTime
ChR0NiC
Let's see how high everybody can get

Try2Hack.nl

Right now I am on level 3.
Right now I am on level 4.
Right now I am on level 5.
Right now I am on level 6.

[Edit] It seems nobody is interested in this, perhaps this was already posted before? Well I am stuck on level 6, but iago informed me he made it to level 8. Wow ;D
August 5, 2004, 10:44 PM
peofeoknight
I don't really consider stuff like this hacking though. I mean when you are really hacking you are trying to get into something that was not designed to be hacked, something that was designed to be secure. I mean I am sure the highest level stuff is pretty hard to break, but you should not be able to break in from the website at all idealy.
August 6, 2004, 4:13 AM
crashtestdummy
Yeah I think that's the point of sites like this, ideally. I think they are trying to teach you how to look for loopholes in your website so you can protect yourself from them. And I think hacking is more digging into and understanding systems and how they run. And trying to get into something that was designed to be secure is cracking. But, I guess it's just the way you see things.
August 6, 2004, 4:20 AM
peofeoknight
Well I know a few weeks ago I was a victim of sql injection. I had the register form safe from it, also because when you enter data into an sql server db the string deliminator is '. But I forgot to run a replace statement on the login forms before I executed the code so I would not be a victim to sql injection. Through me for a little while till I said, oh ok thats how the dude got in. But my clan's site was like my first site and that was before I knew about stored procedures. Just a little embarassing. No damage could have been done.
August 6, 2004, 4:34 AM
iago
When I did some commercial sql code, I made a complete Java class to handle all the SQL stuff such that it was impossible for sql injection to occur. The only methods where it would be possible to inject sql were protected or private, with BIG warnings.

And it might not have been level 8, it was so long ago -- it was whichever one that you have to exploit a common perl script to get /etc/passwd, then crack his password. I got the hashed password, but never got around to cracking it.
August 7, 2004, 6:40 PM
kamakazie
[quote author=iago link=board=4;threadid=8035;start=0#msg74490 date=1091904037]
When I did some commercial sql code, I made a complete Java class to handle all the SQL stuff such that it was impossible for sql injection to occur. The only methods where it would be possible to inject sql were protected or private, with BIG warnings.

And it might not have been level 8, it was so long ago -- it was whichever one that you have to exploit a common perl script to get /etc/passwd, then crack his password. I got the hashed password, but never got around to cracking it.
[/quote]

After that level I think you go onto an IRC server and there is some encrypted message and then it ended and there nothing else to do. Has anyone got that far yet?
August 7, 2004, 11:34 PM

Search