Warning

 

Close

Confirm Action

Are you sure you wish to do this?

Confirm Cancel
Member Login
Site Notices
11/22/2017 10:05:29 PM
Arrow Left Previous Page
Page / 2
Posted: 10/18/2004 8:04:13 PM EST
Lets see whatchya got
Hack test
Link Posted: 10/18/2004 8:12:11 PM EST

Originally Posted By Specop_007:
Lets see whatchya got
Hack test



I think this is to much geek for this place.. try offering at http://www.slashdot.org

Link Posted: 10/18/2004 8:14:05 PM EST
Link Posted: 10/18/2004 8:14:40 PM EST
Link Posted: 10/18/2004 8:23:07 PM EST
[Last Edit: 10/18/2004 8:23:51 PM EST by Specop_007]

Originally Posted By Lumpy196:
Hmmmm, yes, everyone identify themselves as a hacker.





Ummm...Its a game. The entire point of it is to get to hack your way to the last level.

Introduction

On this website you have the opportunity to improve your knowledge about internet security LEGALLY. For instance simple JavaScript is unsuitable for protecting your homepage against unauthorized access.
ISATCIS will clarify it within a learning process which is based on tactical over- coming of 16 security levels where the inserted security bugs should be applied.
Link Posted: 10/18/2004 8:26:39 PM EST

Originally Posted By PointlessSilly:

Originally Posted By Specop_007:
Lets see whatchya got
Hack test



I think this is to much geek for this place.. try offering at http://www.slashdot.org




I know, its just for my own satisfaction. Its funny to watch people make fun of the name 007, and yet stare at that website for hours on end trying to figure out Level 1.
Link Posted: 10/18/2004 8:28:01 PM EST
This class deals with parsing and interpreter state (the user's namespace); it does not deal with input buffering or prompting or input file naming (the filename is always passed in explicitly). The optional locals argument specifies the dictionary in which code will be executed; it defaults to a newly created dictionary with key '__name__' set to '__console__' and key '__doc__' set to None.

How about something challenging?

Link Posted: 10/18/2004 8:31:45 PM EST

Originally Posted By Sin_Bin:
This class deals with parsing and interpreter state (the user's namespace); it does not deal with input buffering or prompting or input file naming (the filename is always passed in explicitly). The optional locals argument specifies the dictionary in which code will be executed; it defaults to a newly created dictionary with key '__name__' set to '__console__' and key '__doc__' set to None.

How about something challenging?




and this is when I realise my geek is weak.
Link Posted: 10/18/2004 8:31:47 PM EST
Guess my real IP address, 20 bucks if you get it right.
Link Posted: 10/18/2004 8:35:31 PM EST
127.25.69.4?

255.255.255.255?

0.0.0.0?

10.10.10.10?

699.548.1156.3365?

wait... you using the fancy ip7

:::::000:00:00:000:1

this ain't no place for 'puter tawk.

I feel a ban coming on.
Link Posted: 10/18/2004 8:42:06 PM EST
That was a hijack wasn't it? Apologies to the OP.
And no, you didn't guess right.
Link Posted: 10/18/2004 8:46:19 PM EST

Originally Posted By tumbleweed:
That was a hijack wasn't it? Apologies to the OP.
And no, you didn't guess right.



For $150, I'll post satellite imagery of your neighborhood.
Link Posted: 10/18/2004 8:48:18 PM EST
I'll pass....red v blue type competitions are much more fun and you learn a hell of a lot more.

Setting up true honeypots can also be entertaining
Link Posted: 10/18/2004 8:48:28 PM EST

Originally Posted By Specop_007:
Lets see whatchya got
Hack test



Wait until you get your next credit card statement, my hackfu is strong!
Link Posted: 10/18/2004 8:51:10 PM EST
[Last Edit: 10/18/2004 9:09:19 PM EST by Hexagram13]
I got through level one. I don't care enough to learn how to do the rest though. It doesn't seem that difficult though since Level 16 has been done over 11000 times.
tony

Edit: Got through level 2 also. I don't even know where to start with 3 though.
Link Posted: 10/18/2004 8:53:07 PM EST
Well most of us are hackers here well when drinking !

Do you hack when not smoking or drinking?

Bob
Link Posted: 10/18/2004 8:56:50 PM EST
got passed level 1, spent a minute trying to get passed level 2 then got bored. Don't you have a link to a shoot 'em up game? they are usually fun
Link Posted: 10/18/2004 8:58:56 PM EST

Originally Posted By Specop_007:
Lets see whatchya got
Hack test



I got past level one (my first thought was to look at the source - the hint confirmed it for me ) ...any hints on level two? I am not a "hacker" as you can see, but it has always interested me. I like the idea of doing it (and not getting in trouble) like this page does.

Any good links to newbie friendly tutorials on how to figure this stuff out?
Link Posted: 10/18/2004 9:02:45 PM EST
All electronics things can be controlled without conventional hacking.



MT
Link Posted: 10/18/2004 9:03:03 PM EST
Level 2 is in the source code as well. Just look around for something titled M1=

I can't find level 3. I know the code =d1 but I can't find where it is defined. I think some of the harder levels need HAX0R tools.
Link Posted: 10/18/2004 9:08:45 PM EST
got to level 10 after about 15 min. then i got bored with it. i think ive run into similar things before. i prefer buffer overflows, social engineering, and the like. i do this for a semi living

javascript is not a security model!

-foxxz
Link Posted: 10/18/2004 9:10:05 PM EST

Originally Posted By Foxxz:
got to level 10 after about 15 min. then i got bored with it. i think ive run into similar things before. i prefer buffer overflows, social engineering, and the like. i do this for a semi living

javascript is not a security model!

-foxxz



Care to post a walkthrough?
Link Posted: 10/18/2004 9:17:00 PM EST
[Last Edit: 10/18/2004 9:17:56 PM EST by Foxxz]
SPOILER!!!



­

<­BR>



level 1 passwd is "easy"
level 2 passwd is "JavaScript"
level 3 passwd is "#235711"
level 4 passwd is "CODEZ"
level 5 passwd is "1234"
level 6 passwd is "badscript"
level 7 passwd is "commander"
level 8 passwd is "login"
level 9 passwd is "hannover"
level 10 passwd is "24*45*32+56-54/842*5623+4567"

then i got bored. i did a quick backtrace. if these dont work ill try to correct my errors. alot of this is looking at the source code, downloading the files without rendering them in a browser. and knowing a programming language. doesnt have to be java.


-foxxz
Link Posted: 10/19/2004 12:14:31 AM EST
Ok, I understand how you got the first 3, by scrutinizing the source code, but I have zero h@xx0r skillz and dont know how to do the rest. It has been a few years since I programmed, and that was little things in C. Hell, I dont even know how to reverse engineer stuff to get the code, and I have the tip-top programming suite before all that .NET shit came out, Visual Studio 6.0 Enterprise edition.


How exactly does one learn how to hack? If the answer is in violation of the CoC, please tell me so I dont attempt to violate it again.
Link Posted: 10/19/2004 1:11:42 AM EST

Originally Posted By Blackgun_Fun:

Originally Posted By Specop_007:
Lets see whatchya got
Hack test



I got past level one (my first thought was to look at the source - the hint confirmed it for me ) ...any hints on level two? I am not a "hacker" as you can see, but it has always interested me. I like the idea of doing it (and not getting in trouble) like this page does.

Any good links to newbie friendly tutorials on how to figure this stuff out?



The first few levels you just look at the code, the next few you have to start downloading the files and such, one level has a link to the next level. I cant remember all of them, I actually hadnt seen the page in about a year but it surfaced in another forum.
Link Posted: 10/19/2004 1:17:16 AM EST
Heres something of a walk through for those really interested. Its a bit of a read, but there are some answers in there.
Link Posted: 10/19/2004 6:17:46 AM EST
I got up to Level 14 without much trouble, and I'm 99% sure I can do level 14, but it'll have to wait until I have more free time. Honestly, it's too complicated to reasonably do it by hand on paper - I'll probably have to write some sort of program to do Level 14.

Some of the things they expect you to do are a little out there - decompile a java class, understand how HTTP works, etc. The one that will stump a lot of people is the one where the script file, when you put the address into your browser comes back without any code in it at all. There are a few ways to get around it, but packet capture was the way I did.

The first few levels are pretty easy to most anyone that's done a fair amount of web coding, but the upper level ones start to get a little bit more involved. And while I'm not an expert, I am working on my Master's in IT (I have a BS IT already), so I feel somewhat qualified to comment on the "difficulty" of this stuff.
Link Posted: 10/19/2004 6:58:25 AM EST
My name is Stanley Jobson and I hacked into the CIA while getting a blowjob and under the pressure of having a gun to my head. Am I good or what?
Link Posted: 10/19/2004 7:05:20 AM EST
I am
Link Posted: 10/19/2004 7:47:34 AM EST
Please don't call this crap hacking

This is script kiddie baby stuff
Link Posted: 10/19/2004 10:14:07 AM EST

This is script kiddie baby stuff


+1

-foxxz
Link Posted: 10/19/2004 11:36:00 AM EST
Well then care to show me what isnt? I've always been interested in this stuff but have never been able to find info on it...
Link Posted: 10/19/2004 11:49:12 AM EST
To a certain extent, all "hacking" is script kiddie stuff, once people start using exploits to gain access. I mean, it really does not take a genius to even write your own code to gain access to or DoS a particular computer system if that system is, say, running unpatched software for which exploits have already been identified.

Sadly enough, network "hacking" (gaining access to a remote machine or DoS) does not require a whole lot of brains to break into - most security holes are a result of poor administration or system design, and not really be attributed to the "skill" of the individual trying to break in or shut it down. A well locked down and current system, however, will keep 99% of people out, with the caveat that one cannot secure a system against an unknown method of attack or unidentified flaws in the system. As a result, you can never have 100% security, but the 0.1% of "hackers" that are going to be able to find a new hole in a secured system are going to be the real deal.

Of course, if we want to talk about malware, i.e. virii, trojans, worms, and the like, then we can start talking about genius. That's where the authors are going to have a chance to shine. Getting in to a system is much more a factor of incompetence of the admins/programmers than capabilities of the so-called hacker.
Link Posted: 10/19/2004 12:29:56 PM EST
Got to level 11 and I don't have time for much more. I thought it ended at 10 for some reason!
Link Posted: 10/19/2004 12:38:48 PM EST
ok ill be the first to say "i dont get it". I didnt even have to look at it that long either.
yes im lame and a poser my kung fu is weak.

how the hell is a newb supposed to figure this shit out i dont even know what source code is
Link Posted: 10/19/2004 12:42:08 PM EST

Originally Posted By Sin_Bin:

Originally Posted By tumbleweed:
That was a hijack wasn't it? Apologies to the OP.
And no, you didn't guess right.



For $150, I'll post satellite imagery of your neighborhood.



Me too....

terraserver.msn.com.....but I'll do it for $75
Link Posted: 10/19/2004 12:59:53 PM EST
[Last Edit: 10/19/2004 1:03:16 PM EST by x5060]

Originally Posted By tumbleweed:
Guess my real IP address, 20 bucks if you get it right.



127.0.0.1

Now give me 20$


Please don't call this crap hacking

This is script kiddie baby stuff



I agree, this isnt hacking.

P.S. Hacking is not a bad thing, its Cracking (actually destroying things thats bad). Hacking isnt destroying data like most think it is.
Link Posted: 10/19/2004 4:58:57 PM EST

Originally Posted By x5060:
127.0.0.1

Now give me 20$



Nice try. No cigar.

Link Posted: 10/19/2004 5:02:05 PM EST
All you need is a good combo dialer and your in. Simplest thing in the world.
Link Posted: 10/19/2004 5:26:05 PM EST

Originally Posted By tumbleweed:

Originally Posted By x5060:
127.0.0.1

Now give me 20$



Nice try. No cigar.




... Your IP HAS to be 127.0.0.1 otherwise you cant communicate with your own computer. Its called your local host and it IS your IP.
Link Posted: 10/19/2004 5:27:22 PM EST
[Last Edit: 10/19/2004 5:28:18 PM EST by x5060]
go ahead and ping it or Traceroute it. it is your ip.
Link Posted: 10/19/2004 5:29:05 PM EST

Originally Posted By x5060:
... Your IP HAS to be 127.0.0.1 otherwise you cant communicate with your own computer. Its called your local host and it IS your IP.

go ahead and ping it or Traceroute it. it is your ip.



For what it's worth, it is possible to run your computer without a loopback device.

So try not to sound so smarmy
Link Posted: 10/19/2004 5:31:39 PM EST
Loopbacks don't count, and they don't have to be 127.0.0.1

I do have a Swisher Sweet if you'd like to chew on that for awhile...
Link Posted: 10/19/2004 5:32:32 PM EST
NERDS!!!!!!
Link Posted: 10/19/2004 5:43:12 PM EST
[Last Edit: 10/19/2004 5:46:40 PM EST by x5060]

Originally Posted By jblachly:

For what it's worth, it is possible to run your computer without a loopback device.

So try not to sound so smarmy



My guess is he is running windows since he didnt know about localhost, so there for he has 127.0.0.1 which every windows computer has. Also what IP stack can run without a loopback?


Loopbacks don't count, and they don't have to be 127.0.0.1


well word the question better

I really need that 20$ being poor in college sucks

(P.S. localhost has to be 127.0.0.1 since it is the dedicated IP from the IEEE standered and anything else could interfere with normal communications, clusters not withstanding)
Link Posted: 10/19/2004 6:03:32 PM EST
[Last Edit: 10/19/2004 6:18:35 PM EST by Railgun]

Originally Posted By tumbleweed:
Loopbacks don't count, and they don't have to be 198.239.145.233

I do have a Swisher Sweet if you'd like to chew on that for awhile...



http://techmall.dis.wa.gov/borders/images/bandistechmall2.jpg

Railgun....
Link Posted: 10/19/2004 6:17:28 PM EST

Originally Posted By x5060:
My guess is he is running windows since he didnt know about localhost, so there for he has 127.0.0.1 which every windows computer has. Also what IP stack can run without a loopback?


Loopbacks don't count, and they don't have to be 127.0.0.1


well word the question better

I really need that 20$ being poor in college sucks

(P.S. localhost has to be 127.0.0.1 since it is the dedicated IP from the IEEE standered and anything else could interfere with normal communications, clusters not withstanding)



Actually, XP supports 127.0.0.2 as well. Most everyone has a loopback, it's how you can talk to yourself, eg. how applications can open sockets with themselves or other apps on the same local system. It should have been obvious that wasn't the IP I was looking for in my little challenge.
Someone already figured out the IP of my proxy, so he gets a cigar. The IP of my modem remains undiscovered though.
Link Posted: 10/19/2004 6:23:00 PM EST

Originally Posted By tumbleweed:

Originally Posted By x5060:
My guess is he is running windows since he didnt know about localhost, so there for he has 127.0.0.1 which every windows computer has. Also what IP stack can run without a loopback?


Loopbacks don't count, and they don't have to be 198.239.145.233


well word the question better

I really need that 20$ being poor in college sucks

(P.S. localhost has to be 127.0.0.1 since it is the dedicated IP from the IEEE standered and anything else could interfere with normal communications, clusters not withstanding)



Actually, XP supports 127.0.0.2 as well. Most everyone has a loopback, it's how you can talk to yourself, eg. how applications can open sockets with themselves or other apps on the same local system. It should have been obvious that wasn't the IP I was looking for in my little challenge.
Someone already figured out the IP of my proxy, so he gets a cigar. The IP of my modem remains undiscovered though.



Railgun....


Link Posted: 10/19/2004 6:38:10 PM EST

Originally Posted By Railgun:

Originally Posted By tumbleweed:
Loopbacks don't count, and they don't have to be 198.239.145.233



Railgun....





Well, I'm insulted that you'd imply my computer belongs to the State of Washington
Link Posted: 10/19/2004 6:40:08 PM EST

Originally Posted By Specop_007:
Heres something of a walk through for those really interested. Its a bit of a read, but there are some answers in there.



Thanks
Link Posted: 10/19/2004 6:43:46 PM EST

Originally Posted By tumbleweed:

Originally Posted By Railgun:

Originally Posted By tumbleweed:
Loopbacks don't count, and they don't have to be 198.239.145.233



Railgun....





Well, I'm insulted that you'd imply my computer belongs to the State of Washington



This sort of stuff is on any good firewall, just because that IP is indeed .gov doesn't mean I will penetrate the system. Why?

This isn't something wise to do in this day and age.

But I can.

Railgun....
Arrow Left Previous Page
Page / 2
Top Top