Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: hax.tor

from [Melissa] Network Security [Permanent Link]
Subject: RE: hax.tor
Date: Tue, 27 Nov 2007 22:14:52 -0500 
I may be missing the obvious here... but how the heck do I get past 2? I
know how to do the banner grab and all that, but where do I input what I got
to continue on? So frustrating, and I am drinking some tea and it's not
helping me see what I should be doing! Caffeine shmaffeine

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On
Behalf Of Captain Bock
Sent: Tuesday, November 27, 2007 12:09 PM
To: security-basics@securityfocus.com
Subject: Re: hax.tor

It's easier to add "?chosen=Pear" after the URL.

Works great

Captain Bock


On Nov 26, 2007 9:23 PM, jeffrey rivero <jeffr76@yahoo.com> wrote:

:)
use an inline HTML editor or a debug tool and edit the Options of the
form (you can change one to pear)
:)


Daniel Grant wrote:

Level 3 has completely got me too - I tried all sorts, but either im
short on coffee or not bright enough.

Anyone got it yet?

Rivest, Philippe wrote:

They just want to see if you can do a banner grabbing, theres really
nothing to it.
But I do agree that choosing the FBI is a very very VERY bad way to

be

serious, it is sending out the Hacker VS the law image and I would go
against this.

Anyhow anyone that can give me a hint to pass level 3 would be
appreciated; I tried saving the source to my pc and adding Pear as a
value. Didn't know

Any clue?

Merci

Philippe Rivest
Métro Richelieu
Analyste en sécurité & Certified Ethical Hacker
514-662-3300x3115
P Est-ce vraiment nécessaire d'imprimer cette page ?

-----Message d'origine-----
De : listbounce@securityfocus.com
[mailto:listbounce@securityfocus.com] De la part de Zimler Attila

Tamás

Envoyé : lundi 26 novembre 2007 12:29
À : 0x90
Cc : security-basics@securityfocus.com
Objet : Re: hax.tor

0x90 wrote:


 Dear List,

let me bring to your attention a site that deals with basic
security issues presented in a hackme-fashion way. You advance
on very easy levels that have hints to them and will teach
you something useful in everyday IT sec. Examples:

- exploiting buggy custom PHP scripts: bugs are taken from real life
- SQL injection
- decoding an MSSQL password from a sniffed login sequence
- decoding wcx_ftp.ini passwords
- googling the smart way
- looking up virtualhosts on a webserver
- spoofing http headers
- exploiting legal usage of web services for misc purposes
- basic mathematics: base. binary, equation
- realistic and (legal) _REALITY_ missions
- recognizing and decoding md5/des/base64/etc
- google word game ( telnet://hax.tor.hu )
- forging a DNS request
- decrypting MS-Word documents
- out-of-the-box thinking

Along the levels, you will find funny pictures to relax with,
music to listen to, maybe even ascii cow art :-)

If you are interested in the above, you may check it out here. (this
is a minimalistic site, there are no ads or overcrowded menus)

http://hax.tor.hu/

Have a nice day,
0x90






What do you want to SSH connect to FBI-s homepage?
If this is a game, why don't you provide yourself the target for
scanning it?





Attila
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: IT Security project, Rico Secada
Next by Date:  RE: Securing workstations from IT guys, Craig Wright
Previous by Thread:  Re: hax.tor, Captain Bock
Next by Thread:  Re: hax.tor, Michael Argyriou
Indexes:  [Date] [Thread] [Top] [All Lists]