Secure Room
I logged in as adum (and as someone else) and still get the no secrets treatment. I even got it to work with the user name field having just the word adum in it so that it will show properly on the next page.gfoot wrote:As the challenge description says, you have to log in as 'adum' in order to see his secrets.
I'm actually surprised this wasn't enough, not because it was hard but because I think I have done what I was required to do. What am I missing?
-
- Posts: 106
- Joined: Thu Oct 29, 2009 9:21 pm
I think the answer to this challenge is the password, not positive though, I solved it awhile ago.bspus wrote:I logged in as adum (and as someone else) and still get the no secrets treatment. I even got it to work with the user name field having just the word adum in it so that it will show properly on the next page.gfoot wrote:As the challenge description says, you have to log in as 'adum' in order to see his secrets.
I'm actually surprised this wasn't enough, not because it was hard but because I think I have done what I was required to do. What am I missing?
Even if I got the password, I would expect to log in and see the same "you have no secrets" message.DaymItzJack wrote:I think the answer to this challenge is the password, not positive though, I solved it awhile ago.
Considering that the challenge tells you not to try to "guess the password" as well as the fact that it asks you to break into his account and discover his "secret", it would be very misleading.
-
- Posts: 106
- Joined: Thu Oct 29, 2009 9:21 pm
I managed to log into adums account and the secret was right in front of me. I don't know exactly what you're doing but there aren't any tricks or anything.bspus wrote:Even if I got the password, I would expect to log in and see the same "you have no secrets" message.DaymItzJack wrote:I think the answer to this challenge is the password, not positive though, I solved it awhile ago.
Considering that the challenge tells you not to try to "guess the password" as well as the fact that it asks you to break into his account and discover his "secret", it would be very misleading.
I got in too by trying something slightly different. The thing is, it should have worked with my first method.
I believe the reason is that this is not a real vulnerability but just an exercise. The "exploit" is expected so it's all just make believe.
I 'll make a post in the solved section at some point to discuss it further.
edit: nevermind. My other method works now too. I wonder if something is changed
I believe the reason is that this is not a real vulnerability but just an exercise. The "exploit" is expected so it's all just make believe.
I 'll make a post in the solved section at some point to discuss it further.
edit: nevermind. My other method works now too. I wonder if something is changed
-
- Posts: 21
- Joined: Sun Jan 04, 2015 3:34 pm
-
- Posts: 1
- Joined: Mon Apr 11, 2022 4:23 am
Does Secure Room still work?
Hello! I got 500 Internal Server Error when visiting http://www.adum.com/secureroom/
Is this challenge still running?
Is this challenge still running?
-
- Forum Admin
- Posts: 496
- Joined: Sat May 28, 2011 9:14 am
- Location: Germany