User Panel
Posted: 10/18/2004 9:04:13 PM EDT
Lets see whatchya got
Hack test |
|
I think this is to much geek for this place.. try offering at http://www.slashdot.org |
|
|
Ummm...Its a game. The entire point of it is to get to hack your way to the last level. Introduction On this website you have the opportunity to improve your knowledge about internet security LEGALLY. For instance simple JavaScript is unsuitable for protecting your homepage against unauthorized access. ISATCIS will clarify it within a learning process which is based on tactical over- coming of 16 security levels where the inserted security bugs should be applied. |
|
|
I know, its just for my own satisfaction. Its funny to watch people make fun of the name 007, and yet stare at that website for hours on end trying to figure out Level 1. |
||
|
This class deals with parsing and interpreter state (the user's namespace); it does not deal with input buffering or prompting or input file naming (the filename is always passed in explicitly). The optional locals argument specifies the dictionary in which code will be executed; it defaults to a newly created dictionary with key '__name__' set to '__console__' and key '__doc__' set to None.
How about something challenging? |
|
and this is when I realise my geek is weak. |
|
|
127.25.69.4?
255.255.255.255? 0.0.0.0? 10.10.10.10? 699.548.1156.3365? wait... you using the fancy ip7 :::::000:00:00:000:1 this ain't no place for 'puter tawk. I feel a ban coming on. |
|
That was a hijack wasn't it? Apologies to the OP.
And no, you didn't guess right. |
|
For $150, I'll post satellite imagery of your neighborhood. |
|
|
I'll pass....red v blue type competitions are much more fun and you learn a hell of a lot more.
Setting up true honeypots can also be entertaining |
|
Wait until you get your next credit card statement, my hackfu is strong! |
|
|
I got through level one. I don't care enough to learn how to do the rest though. It doesn't seem that difficult though since Level 16 has been done over 11000 times.
tony Edit: Got through level 2 also. I don't even know where to start with 3 though. |
|
Well most of us are hackers here well when drinking !
Do you hack when not smoking or drinking? Bob |
|
got passed level 1, spent a minute trying to get passed level 2 then got bored. Don't you have a link to a shoot 'em up game? they are usually fun
|
|
I got past level one (my first thought was to look at the source - the hint confirmed it for me ) ...any hints on level two? I am not a "hacker" as you can see, but it has always interested me. I like the idea of doing it (and not getting in trouble) like this page does. Any good links to newbie friendly tutorials on how to figure this stuff out? |
|
|
All electronics things can be controlled without conventional hacking.
MT |
|
Level 2 is in the source code as well. Just look around for something titled M1=
I can't find level 3. I know the code =d1 but I can't find where it is defined. I think some of the harder levels need HAX0R tools. |
|
got to level 10 after about 15 min. then i got bored with it. i think ive run into similar things before. i prefer buffer overflows, social engineering, and the like. i do this for a semi living
javascript is not a security model! -foxxz |
|
Care to post a walkthrough? |
|
|
SPOILER!!!
level 1 passwd is "easy" level 2 passwd is "JavaScript" level 3 passwd is "#235711" level 4 passwd is "CODEZ" level 5 passwd is "1234" level 6 passwd is "badscript" level 7 passwd is "commander" level 8 passwd is "login" level 9 passwd is "hannover" level 10 passwd is "24*45*32+56-54/842*5623+4567" then i got bored. i did a quick backtrace. if these dont work ill try to correct my errors. alot of this is looking at the source code, downloading the files without rendering them in a browser. and knowing a programming language. doesnt have to be java. -foxxz |
|
Ok, I understand how you got the first 3, by scrutinizing the source code, but I have zero h@xx0r skillz and dont know how to do the rest. It has been a few years since I programmed, and that was little things in C. Hell, I dont even know how to reverse engineer stuff to get the code, and I have the tip-top programming suite before all that .NET shit came out, Visual Studio 6.0 Enterprise edition.
How exactly does one learn how to hack? If the answer is in violation of the CoC, please tell me so I dont attempt to violate it again. |
|
The first few levels you just look at the code, the next few you have to start downloading the files and such, one level has a link to the next level. I cant remember all of them, I actually hadnt seen the page in about a year but it surfaced in another forum. |
||
|
Heres something of a walk through for those really interested. Its a bit of a read, but there are some answers in there.
|
|
I got up to Level 14 without much trouble, and I'm 99% sure I can do level 14, but it'll have to wait until I have more free time. Honestly, it's too complicated to reasonably do it by hand on paper - I'll probably have to write some sort of program to do Level 14.
Some of the things they expect you to do are a little out there - decompile a java class, understand how HTTP works, etc. The one that will stump a lot of people is the one where the script file, when you put the address into your browser comes back without any code in it at all. There are a few ways to get around it, but packet capture was the way I did. The first few levels are pretty easy to most anyone that's done a fair amount of web coding, but the upper level ones start to get a little bit more involved. And while I'm not an expert, I am working on my Master's in IT (I have a BS IT already), so I feel somewhat qualified to comment on the "difficulty" of this stuff. |
|
My name is Stanley Jobson and I hacked into the CIA while getting a blowjob and under the pressure of having a gun to my head. Am I good or what?
|
|
Please don't call this crap hacking
This is script kiddie baby stuff |
|
Well then care to show me what isnt? I've always been interested in this stuff but have never been able to find info on it...
|
|
To a certain extent, all "hacking" is script kiddie stuff, once people start using exploits to gain access. I mean, it really does not take a genius to even write your own code to gain access to or DoS a particular computer system if that system is, say, running unpatched software for which exploits have already been identified.
Sadly enough, network "hacking" (gaining access to a remote machine or DoS) does not require a whole lot of brains to break into - most security holes are a result of poor administration or system design, and not really be attributed to the "skill" of the individual trying to break in or shut it down. A well locked down and current system, however, will keep 99% of people out, with the caveat that one cannot secure a system against an unknown method of attack or unidentified flaws in the system. As a result, you can never have 100% security, but the 0.1% of "hackers" that are going to be able to find a new hole in a secured system are going to be the real deal. Of course, if we want to talk about malware, i.e. virii, trojans, worms, and the like, then we can start talking about genius. That's where the authors are going to have a chance to shine. Getting in to a system is much more a factor of incompetence of the admins/programmers than capabilities of the so-called hacker. |
|
Got to level 11 and I don't have time for much more. I thought it ended at 10 for some reason!
|
|
ok ill be the first to say "i dont get it". I didnt even have to look at it that long either.
yes im lame and a poser my kung fu is weak. how the hell is a newb supposed to figure this shit out i dont even know what source code is |
|
Me too.... terraserver.msn.com.....but I'll do it for $75 |
||
|
127.0.0.1 Now give me 20$
I agree, this isnt hacking. P.S. Hacking is not a bad thing, its Cracking (actually destroying things thats bad). Hacking isnt destroying data like most think it is. |
||
|
All you need is a good combo dialer and your in. Simplest thing in the world.
|
|
... Your IP HAS to be 127.0.0.1 otherwise you cant communicate with your own computer. Its called your local host and it IS your IP. |
||
|
For what it's worth, it is possible to run your computer without a loopback device. So try not to sound so smarmy |
|
|
Loopbacks don't count, and they don't have to be 127.0.0.1
I do have a Swisher Sweet if you'd like to chew on that for awhile... |
|
My guess is he is running windows since he didnt know about localhost, so there for he has 127.0.0.1 which every windows computer has. Also what IP stack can run without a loopback?
well word the question better I really need that 20$ being poor in college sucks (P.S. localhost has to be 127.0.0.1 since it is the dedicated IP from the IEEE standered and anything else could interfere with normal communications, clusters not withstanding) |
||
|
http://techmall.dis.wa.gov/borders/images/bandistechmall2.jpg Railgun.... |
|
|
Actually, XP supports 127.0.0.2 as well. Most everyone has a loopback, it's how you can talk to yourself, eg. how applications can open sockets with themselves or other apps on the same local system. It should have been obvious that wasn't the IP I was looking for in my little challenge. Someone already figured out the IP of my proxy, so he gets a cigar. The IP of my modem remains undiscovered though. |
||
|
Railgun.... |
|||
|
Well, I'm insulted that you'd imply my computer belongs to the State of Washington |
||
|
Thanks |
|
|
This sort of stuff is on any good firewall, just because that IP is indeed .gov doesn't mean I will penetrate the system. Why? This isn't something wise to do in this day and age. But I can. Railgun.... |
|||
|
Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!
You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.
AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.