Unknown column 'settings_name' in 'where clause'
Notice: Undefined variable: data in /home/override/public_html/mobile/wap-maincore.php on line 284
SecurityOverride

SecurityOverride

Home Forum Articles Login

Latest Forum Posts
[ Privilege Escalation Hacking Challenges ]
Privilege escalation 1
ABergman - 21/10/2014 10:39
It said that for me too. But, aslong as you enter that every time you load the simulated Telnet page it'll work. Just tested it again to be sure. Also note that entering that doesn't pertain to the actual exploit at all.
[ Privilege Escalation Hacking Challenges ]
Privilege escalation 1
rootaccess - 21/10/2014 09:19

ABergman wrote:
Not broken, just completed it yesterday. There is a bug(?) with it, you need to set "var userip='8.8.8.8';" in your JavaScript console to be able to login. I'm assuming this is indeed a bug since logging in with the correct info without this fails and there's no information pertaining to this any other way. Someone censor me if I'm wrong. Other than that the challenge works.



i tryed this in the console.
and then it said something like var is not defined or something like that.
[ Privilege Escalation Hacking Challenges ]
Privilege escalation 1
ABergman - 20/10/2014 11:52
Not broken, just completed it yesterday. There is a bug(?) with it, you need to set "var userip='8.8.8.8';" in your JavaScript console to be able to login. I'm assuming this is indeed a bug since logging in with the correct info without this fails and there's no information pertaining to this any other way. Someone censor me if I'm wrong. Other than that the challenge works.
[ Privilege Escalation Hacking Challenges ]
Privilege escalation 1
SuperSVGA - 20/10/2014 00:33
I think it may be broken. I completed it a while ago but the method I used doesn't seem to be working. The passwords I once knew also don't seem to be working, so I don't know what's going on. Other users have reported it broken too.
[ Basic Hacking Challenges ]
Basic 14 - Some assistance for others & a request
thetechnophile - 19/10/2014 19:53
I'm here with two things, some encouragement and a possible issue that the admins may or may not be aware of.

First encouragement :) Yay.

Pay *strict* attention to the scenario wording. One of the first things I did when I started hacking/pentesting was learn the steps needed to be successful. The formula I learned was the first step was "Information Gathering" which is also called Recon. If you follow this formula, researching all the tools other hackers/pentesters use during each phase, you will be MORE successful IMO than if you just literally hack away at it, trying different things.

So, in reconning this challenge and paying attention/observing, all you need to pass it is written, you just have to research the proper combination of words used in the scenario. Others here have given you another word you can include in your search in other threads. If you do this, the exact injection you need will come up in your search results. Then you craft it accordingly.

That said, when I did the injection and passed the challenge, I got some errors spit out on the screen that I am not sure if the admins are aware of?

In any event, I would like to pass that info along. To whom do I direct this to? Override?

I don't want to post the errors here. It may not be a big deal but better to be safe than sorry, yeah?

In closing, I really enjoyed this challenge. It is my hope to one day discover my own 0day so reading up on exploits and the like is really interesting to me. To the person who created this challenge, I thank you! If it's Qwexotic, this and Decryption 7 (which I did in Excel by hand over 6 hours) was and will forever remain in my top 5 challenges completed.

-Tara