Hack This Site (2 Viewers)
- Thread starter Martin
- Start date
Sarah, I'm throwing in the towel. Level 8 shouldn't be that hard but the guy made it hard on purpose and I can't figure it out. :irritate:
There have been lots of alerts about hotmail being insecure. In the past there was a well documented way of hacking any account, course that has been fixed a long time ago. Still, it's run by Microsoft, not quite the most security conscious company ever to exist.. :undecide:
There have been lots of alerts about hotmail being insecure. In the past there was a well documented way of hacking any account, course that has been fixed a long time ago. Still, it's run by Microsoft, not quite the most security conscious company ever to exist.. :undecide:
bah, you guys beat 3 levels while I was asleep 
but finally I got past level 5 :irritate:
Did you guys find that you had to change the Content-Length: variable from 24 to _____ ?
EDIT: Martin, you're right, level 6 is too easy.
I hope this doesn't spoil it for anyone, but all I did was type in "aaaaaaa", and that made the rest of it waaay too simple
That's a pretty poor encryption algorithm if there ever was one I mean the whole first character thing
EDIT: what's with level 7? why don't they just give away the password?
but finally I got past level 5 :irritate:
Did you guys find that you had to change the Content-Length: variable from 24 to _____ ?
EDIT: Martin, you're right, level 6 is too easy.
I hope this doesn't spoil it for anyone, but all I did was type in "aaaaaaa", and that made the rest of it waaay too simple
That's a pretty poor encryption algorithm if there ever was one I mean the whole first character thingEDIT: what's with level 7? why don't they just give away the password?
++ [ originally posted by gray ] ++
bah, you guys beat 3 levels while I was asleep
but finally I got past level 5 :irritate:
Did you guys find that you had to change the Content-Length: variable from 24 to _____ ?
bah, you guys beat 3 levels while I was asleep
but finally I got past level 5 :irritate:
Did you guys find that you had to change the Content-Length: variable from 24 to _____ ?
++ [ originally posted by gray ] ++
EDIT: Martin, you're right, level 6 is too easy.
I hope this doesn't spoil it for anyone, but all I did was type in "aaaaaaa", and that made the rest of it waaay too simple That's a pretty poor encryption algorithm if there ever was one I mean the whole first character thing
EDIT: Martin, you're right, level 6 is too easy.
I hope this doesn't spoil it for anyone, but all I did was type in "aaaaaaa", and that made the rest of it waaay too simple
That's a pretty poor encryption algorithm if there ever was one I mean the whole first character thing
++ [ originally posted by gray ] ++
EDIT: what's with level 7? why don't they just give away the password?
EDIT: what's with level 7? why don't they just give away the password?
G'morning *wave*
I got level 6 on my first try too Reminds me of pattern sequence we learn back in school Though need some help with a certain table with that last character *blush*
I don't require that at all...but I got 24 and 0 displayed just before and after the message "Password reminder successfully sent"
I got level 6 on my first try too
Reminds me of pattern sequence we learn back in school Though need some help with a certain table with that last character *blush*I don't require that at all...but I got 24 and 0 displayed just before and after the message "Password reminder successfully sent"
++ [ originally posted by gray ] ++
Damn, it's not as simple as I thought. Still, the .shtml extension of the generated file is a clue. I tried putting SSI directives into the name field, using #include virtual="../index.php", but they didn't make it that easy for us :irritate: I got the message:
any ideas Sarah or Martin?
Damn, it's not as simple as I thought. Still, the .shtml extension of the generated file is a clue. I tried putting SSI directives into the name field, using #include virtual="../index.php", but they didn't make it that easy for us :irritate: I got the message:
any ideas Sarah or Martin?
But no, I've tried all kinds of things and I can't figure out what commands are allowed and "related to finding the password file". The easiest thing would be to do a <!-- #exec cmd="ls -la .." --> but of course allowing arbitrary code isn't what he intended us to do.
