And so it begins

FOSS login

x2600
7 years ago

0

We begin again with another real challenge. Good luck

47replies
12voices
590views
1image
Mugi [Mugiwara27]
7 years ago

0

Happy to see new chall !

SIGKILL [r4v463]
7 years ago

0

Yes good luck everyone ;)

f0rk [HackingGuy]
7 years ago

0

Im soo ready :)
Good luck!

cn9 [1337boy]
7 years ago

0

the question is
is it harder than crypt 9??

f0rk [HackingGuy]
7 years ago

0

Probly not.
Or maybe, lets figure out.

cn9 [1337boy]
7 years ago

0

today i got contributor medal so i’m happy with it for now ahha

x2600
7 years ago

0

Oh god I hope not. haha

Luke [flabbyrabbit]
7 years ago

0

I just realised I missed out a fairly important piece of information :p you need to try and login as the user ‘memtash’.

SIGKILL [r4v463]
7 years ago

0

Thanks for the hint :D

x2600
7 years ago

0

well damn hahah! that’s kinda important

f0rk [HackingGuy]
7 years ago

0

Lol, I was wondering. xD

? [bolofecal]
7 years ago

2

@flabbyrabbit take off the sql injection protection :p

SIGKILL [r4v463]
7 years ago

0

Yes XD

f0rk [HackingGuy]
7 years ago | edited 7 years ago

0

OMG Yes xD
Revolucion!

Mugi [Mugiwara27]
7 years ago

0

Who made the level?

b1nary
7 years ago

0

god damn it flabby i been trying as “admin” and “administrator” lol

x2600
7 years ago

0

^^ You’re not the only one b1nary

Time Void [Chronon]
7 years ago | edited 7 years ago

0

*stares at the source code…………

I know @dloser already know the solution…. He’s just… Letting us to be the first

f0rk [HackingGuy]
7 years ago

0

Lhh. How nice.

x2600
7 years ago

0

I have the username and the password:

made you look

But it doesn’t seem to be working.

b1nary
7 years ago

3

Image
lol literaly me looking at the source code past few hours

Time Void [Chronon]
7 years ago

0

^^^
^^^
*waiting for @dloser to complete it

dloser
7 years ago

0

And I was waiting for flabby to give us the username. Guess we’re done here. Close it up!

Time Void [Chronon]
7 years ago | edited 7 years ago

0

LOL YOU ALREADY COMPLETED IT
help me sensei

SIGKILL [r4v463]
7 years ago

0

Nice job dloser XD now you got your 1st place back :p

Luke [flabbyrabbit]
7 years ago

1

It wouldn’t be a new level without me making it more difficult than it needs to be :p

cn9 [1337boy]
7 years ago

0

Dloser has already solved real 8 too

TH3 Cr3aToR [L3gand]
7 years ago

0

@1337boy Real 8 ???

SIGKILL [r4v463]
7 years ago

1

dloser live in the future :p

TH3 Cr3aToR [L3gand]
7 years ago

0

hahaha, that’s funny. who is dloser really ?? can the satellite track him?

SIGKILL [r4v463]
7 years ago

0

There are several theory about dloser, some says that he’s an AI, but nobody know the truth!

Time Void [Chronon]
7 years ago

0

An AI ??? Pffft, he’s the creator of AI

x2600
7 years ago

0

He’s actually a quantum computer-based AI.

Time Void [Chronon]
7 years ago | edited 7 years ago

0

With a satelite integrated system
No… Not a satelite…. A lot of satelite

And dont forget a giant spacestation with some of his server inside

SIGKILL [r4v463]
7 years ago

0

With HAL 9000 integrated :p

Time Void [Chronon]
7 years ago | edited 7 years ago

0

HAL 9000 ? pffft, that was just a javascript:alert("junk") for him

x2600
7 years ago

0

It’s funny because at this point it is difficult to tell what a spoiler would be to the challenge.

f0rk [HackingGuy]
7 years ago

0

Spoiler:

PHP

SIGKILL [r4v463]
7 years ago

0

Omagad flag + remove spoiler + lifeban !!!!

? [bolofecal]
7 years ago

0

Thanks @HackingGuy I was trying searching some vulnerability in css file.

f0rk [HackingGuy]
7 years ago | edited 7 years ago

0

Anytime @bolofecal ;)

Time Void [Chronon]
7 years ago

0

Hint :

look at the source code

Markb2
7 years ago

2

I’m just gonna leave this here, lol…

http://codereview.stackexchange.com/questions/133937/is-this-php-code-vulnerable-to-some-attack

The first sentence both makes me smile and cry at the same time: “So I’ve made a PHP code for a login form. But i am not sure if this code was that safe, because i am not a security expert.”.

Markb2
7 years ago

0

Oh, if you are like; What is this? Just look at the creator of the post :p

Mugi [Mugiwara27]
7 years ago

1

lol that’s beautiful Markb2
But how did you find it by yourself ? ;)

? [bolofecal]
7 years ago

0

Probably a “Social engeenering method” will be created in solution thread.

Markb2
7 years ago

0

@Mugiwara27, I found it to be the third hit on google when searching for “md5(openssl_random_pseudo_bytes(32)); vulnerability” ;).

Was just googling for the inner working of pieces of the code, since my coding and code review skills are awfull.. :p

You must be logged in to reply to this discussion. Login
1 of 48

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss