Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
For any nonsense or banter that doesn't fit anywhere else. LoL! omg! ROFL! 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Pages: Previous12345Next
Current Page: 3 of 5
Re: Challenge
Posted by: Anonymous User
Date: August 20, 2007 06:03PM

damn I forgot about this challenge

Options: ReplyQuote
Re: Challenge
Posted by: christ1an
Date: August 20, 2007 06:07PM

I wonder why it actually had so little relation to Web (application) security. Maybe something to take into account for the next round, rsnake. I guess you know what I mean, won't tell it now for those who are still trying.

Regards,
- http://christ1an.blogspot.com

_______________________
[[url=http://php-ids.org]php-ids.org[/url]] Web Application Security 2.0

Options: ReplyQuote
Re: Challenge
Posted by: kuza55
Date: August 20, 2007 06:14PM

NoS Wrote:
-------------------------------------------------------
> Ok, thank you RSnake for this interesting
> competition.
> Congratulations to everyone who have won and who
> will win.
> Special cheers to Stefan - man, am I curious how
> you did it.
> I'm off to sleep now - it's 2 a.m. where I'm
> living and it's off to work early in the
> morning...


Gratz NoS on being first, :)

Wooo, I got it, finally. Now I can go to class, :p

Options: ReplyQuote
Re: Challenge
Posted by: rsnake
Date: August 20, 2007 06:17PM

Congrats, Kuza55! Nice! You were pretty close an hour or so ago, you probably would have done better had you not taken the train!

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Challenge
Posted by: christ1an
Date: August 20, 2007 06:20PM

By the way, my lazy XSS attempts surely didn't work, did they? :)

Regards,
- http://christ1an.blogspot.com

_______________________
[[url=http://php-ids.org]php-ids.org[/url]] Web Application Security 2.0

Options: ReplyQuote
Re: Challenge
Posted by: kuza55
Date: August 20, 2007 06:21PM

rsnake Wrote:
-------------------------------------------------------
> Congrats, Kuza55! Nice! You were pretty close an
> hour or so ago, you probably would have done
> better had you not taken the train!


I was sorta kicked out of the house and told to go to school (stupid morning assembly, mutter, mutter, mutter) - and there are no internet cafes in my suburb, :p

And of course the one day it could have actually been useful, my XDA just refused to connect to our wifi network when I was standing just outside our apartment, *sigh*

Oh woe, oh woe, :P

Its all good, :)

P.S. Smilie abuse is fun, >_< ^_^ 0_o

Options: ReplyQuote
Re: Challenge
Posted by: Psychopath
Date: August 20, 2007 06:29PM

How can it be possible that I found clue 1 and clue 3 without finding clue 2? I wasted so much time and I just cannot win. I looked at the solution of the first challenge and concluded that there are almost infinite ways you can andle the data transmitted so that I stopped trying to solve it. I have another way to get a T-Shirt, though. I will just rob you and buy one.

Options: ReplyQuote
Re: Challenge
Posted by: rsnake
Date: August 20, 2007 06:32PM

@kuza55 - I figured something like that must have happened. Oh well, at least you are in the winner's circle where you belong.

@Psychopath - Hahah, yes, there are nearly an infinite wrong answers. But only one right one. I'll explain how it works once ten people solved it in a spoilers file. It's pretty easy once you know how it's done, but it's definitely not a simple task if you are simply brute forcing it.

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Challenge
Posted by: rsnake
Date: August 20, 2007 06:33PM

We've got a new winner, "Jibbler"! Nicely done!

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Challenge
Posted by: tx
Date: August 20, 2007 07:00PM

curse you clue3!!! what do you mean!?

-tx @ lowtech-labs.org

Options: ReplyQuote
Re: Challenge
Posted by: rsnake
Date: August 20, 2007 07:05PM

Hahaha... so close and yet so far... I guess you just need to put it all together. :)

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Challenge
Posted by: Psychopath
Date: August 20, 2007 07:10PM

Am I at least as close as some others? :D

Options: ReplyQuote
Re: Challenge
Posted by: barbarianbob
Date: August 20, 2007 07:13PM

EDIT: Nevermind. I figured out what was going on.



Edited 2 time(s). Last edit at 08/20/2007 07:33PM by barbarianbob.

Options: ReplyQuote
Re: Challenge
Posted by: rsnake
Date: August 20, 2007 07:22PM

@Psychopath - looks like you are just over 1/2 way there from what I can see. It's hard to tell because I didn't log cookie data. It would have just been too much data to sort through.

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Challenge
Posted by: Psychopath
Date: August 20, 2007 07:26PM

Ok, then I give up.

Options: ReplyQuote
Re: Challenge
Posted by: rsnake
Date: August 20, 2007 07:44PM

barbarianbob is the 8th winner! Nicely done!

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Challenge
Posted by: tx
Date: August 20, 2007 08:13PM

well time for me to go home (was I at least close?)
Good luck to everyone trying, I'll probably give it another crack later tonight after I meet with a bottle of whiskey.

-tx @ lowtech-labs.org

Options: ReplyQuote
Re: Challenge
Date: August 20, 2007 08:19PM

I'm off to bed too. It's like 05:00 here in Europe.

Stuck with the sesame and those random-looking thingies :P

Options: ReplyQuote
Re: Challenge
Posted by: rsnake
Date: August 20, 2007 08:28PM

@tx - you got the first and the third clue it looks like... so you probably were about 1/2 way there.

@AnonymousCoward42 - there are quite a few red herrings. ;) Sweet dreams.

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Challenge
Posted by: dicipulus
Date: August 20, 2007 08:34PM

Damn, I am too rusty on this stuff. Too much working with switches and routers and dumb people killing there desktops.....
I dont think I am anywhere close. And I smell like herring

Options: ReplyQuote
Re: Challenge
Posted by: psifertex
Date: August 20, 2007 08:47PM

*sigh*

4 Yes
1 No
2/6pts

So close... Grr.

Options: ReplyQuote
Re: Challenge
Posted by: istari
Date: August 20, 2007 08:54PM

6 Yes
0 No

and yet I get 2 out of 6... weird, huh?

Options: ReplyQuote
Re: Challenge
Posted by: kuza55
Date: August 20, 2007 09:03PM

istari Wrote:
-------------------------------------------------------
> 6 Yes
> 0 No
>
> and yet I get 2 out of 6... weird, huh?


Try removing/adding the cookies, I had that problem for a bit as well. Maybe that has something to do with what Stefan found?..../me is curious.

Options: ReplyQuote
Re: Challenge
Posted by: rsnake
Date: August 20, 2007 09:04PM

It doesn't have to do with what Stefan found, but please, no hints. :)

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Challenge
Posted by: kuza55
Date: August 20, 2007 09:06PM

rsnake Wrote:
-------------------------------------------------------
> It doesn't have to do with what Stefan found, but
> please, no hints. :)


Ah, sorry, my bad. Should I edit my post above?

Options: ReplyQuote
Re: Challenge
Posted by: tx
Date: August 20, 2007 09:06PM

9 or 10 winners?

-tx @ lowtech-labs.org

Options: ReplyQuote
Re: Challenge
Posted by: istari
Date: August 20, 2007 09:10PM

well, the challenge is now closed, so i guess i'm outta time :(

anyway, i found which cookie was the problem, but i couldn't fix it in time, so...

Options: ReplyQuote
Re: Challenge
Posted by: psifertex
Date: August 20, 2007 09:14PM

Ahh well, it means I can stop stressing over whatever I was missing. ;-)

Options: ReplyQuote
Re: Challenge
Posted by: psifertex
Date: August 20, 2007 09:18PM

Uhh. weird. Now the exact same input is giving me a different result. With the exact same curl as before, so it's not a caching or browser quirk issue.

Options: ReplyQuote
Re: Challenge
Posted by: rsnake
Date: August 20, 2007 09:23PM

I did notice a minor bug that might have caused part of that, which I fixed. Please resubmit whatever you tried before in the off chance that is now fixed.

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Pages: Previous12345Next
Current Page: 3 of 5


Sorry, only registered users may post in this forum.