MiniCTF Security Challenge VI: Cookie, Cookie Security challenge IV gives us a similar page to challenge III, with a changed color scheme, a dynamic member's list, and a way to register an account. So we have a way to enter a user account and the ability to read it elsewhere? Interesting. Let's continue. Try entering a single quote into the login and...
MiniCTF Security Challenge 3: SQL Injection Sadly, I haven't had much time to post due to family issues. Things have changed, and now I am back. Let's get started. Going to the third security challenge brings us a fake security company's webpage. You can read about how 1337 they are because they can change desktop backgrounds. Let's investigate further to see if we...
MiniCTF Security Challenge 2: Reversing PHP On first inspection, there is no opportunity to LFIs (Local File Inclusion) on either the home page directory for sch2 or the restricted area. However, we're given a hint at the bottom of the page that says we should look at another challenge... Well there is only one other challenge that we know so far, and...
MiniCTF Security Challenge I: We Love Apache I switched over from HTS (Hack This Site) to MiniCTF because I cannot access the website right now... In my opinion you can learn much more from MiniCTF than HTS, anyway. I hate going out of order, but for now I'm going to go over the MCTF challenges and come back to HTS later. First, we're...
Freedom of Speech This mission links to an American Nazi party website hell bent on making sure they look as ignorant as possible. I first mouse over everything which may be a link. Hack This Site actually thought it was a good idea to link to a real American national-socialist website. Thanks a lot. Anyway, you can either just highlight the entire...
Vote Raging Inferno Ryan's dishonest. He would like to have his band at the top of the local band review page even though he is dead-last. Sounds like his band sucks. Navigate to the Review page and scroll down until you see Raging Inferno, Ryan's band, and notice how the voting system works. It looks like you choose from numbers 1-5 and click...
A few days ago, I registered at hackthissite.org believing that I could accomplish anything the developers threw at me. I was wrong, of course. The basic missions are, well, basic. The realistic missions are a little more--how should I say--realistic. ;) Lucky enough for me, I have a very experienced and knowledgeable friend that has helped me learn most of what I didn't...
