Secure Room

Allosentient · Post by **Allosentient** » Sat Nov 22, 2008 6:18 pm

I am trying to do secure room. I was able to "login", but got "you have no secrets" which didn't work. If anyone can give me a hint as to if there is a specific approach I am missing, that would be really generous.

gfoot · Post by **gfoot** » Sat Nov 22, 2008 7:48 pm

As the challenge description says, you have to log in as 'adum' in order to see his secrets.

Allosentient · Post by **Allosentient** » Sat Nov 22, 2008 8:06 pm

I just got it, it helps to actually look up the language being used

, and the hint helped too, thanks!

m!nus · Post by **m!nus** » Tue Nov 25, 2008 2:52 pm

absolutely not worth difficulty 50, solved it in like half a minute, since my skills in that language/on that topic are a bit rusty

edit: ok, fort knox resists my skills, apparently they're too low

gfoot · Post by **gfoot** » Tue Nov 25, 2008 6:14 pm

How do you find out the difficulty ratings?

theStack · Post by **theStack** » Tue Nov 25, 2008 6:34 pm

That was a nice one.
I have never approached that type of attack before so it took my quite a while, but it was fun.

m!nus · Post by **m!nus** » Tue Nov 25, 2008 6:40 pm

gfoot wrote:How do you find out the difficulty ratings?

I wrote this hacker.org challenge overview some time ago. Doesn't work atm but I will get the error fixed asap.

gfoot · Post by **gfoot** » Tue Nov 25, 2008 7:13 pm

I don't really want to put my password into a third party site I'm afraid - is there some query I can run on hacker.org directly?

m!nus · Post by **m!nus** » Thu Dec 04, 2008 8:00 pm

oh, sorry for not answering.
I get the data the same way the flash map gets it: as XML file http://www.hacker.org/challenge/map/get.php

coolwhoop10 · Post by **coolwhoop10** » Sun May 30, 2010 3:03 am

yeah, i'm pretty stumped. as far as i've seen, the source code is not much help, but i could be pretty off. any pointers for a noob?

laz0r · Post by **laz0r** » Sun May 30, 2010 8:06 am

There are standard ways to circumvent login screens. Have you Googled that?

dj-boris · Post by **dj-boris** » Thu Dec 30, 2010 5:51 pm

I'm trying to solve the Secure Room. I've tried to inject code, but it doesn't work. The sourcecode isn't helpful, and Login with SSH or FTP as Anonymous doesn't work. Can anybody give me a hint?

DJ Boris

MyNameIsAlreadyTaken · Fri Dec 31, 2010 10:19 am

I've tried to inject code, but it doesn't work.

What code did you try to inject? This challenge isn't really complicated, you don't need any kind of software but your browser.

dj-boris · Post by **dj-boris** » Fri Dec 31, 2010 1:08 pm

I've tried to inject php codes like (With and without <?php ?>)

Code: Select all

phpinfo();
echo "Hello World";

But it doesn't work, then I tried to Inject SQL Commands in "Password" like...

Code: Select all

;SHOW tables

And it also doesn't work

Is my code a big fail or am I stupid??

Thank you, for your fast reply

rmplpmpl · Post by **rmplpmpl** » Fri Dec 31, 2010 2:55 pm

dj-boris wrote:I've tried to inject php codes like (With and without <?php ?>)
Code: Select all
phpinfo();
echo "Hello World";
But it doesn't work, then I tried to Inject SQL Commands in "Password" like...
Code: Select all
;SHOW tables
And it also doesn't work
Is my code a big fail or am I stupid??

Thank you, for your fast reply

You are pretty close, injection is a good way to hack this, perhaps you like to google some standard techniques on this?

Secure Room

Secure Room

No Idea