jipman 0 Report post Posted April 30, 2005 And here's number 3Before you try to hack this one, I have ONE hint to give you, if you don't do this right the first time, you may encounter even more difficulty to pass this test, so be carefull. Because this one is full of ambushes.http://forums.xisto.com/no_longer_exists/ps. I've run out of inspiration now, so it might take me a lot of time to write a nice new challenge 4. Notice from jipman: Here's a list of all people who have managed to hack this challenge:- flachi ps. I really wonder if someone is going to succeed, if someone pulls this off he/she is seriously good. Share this post Link to post Share on other sites
szupie 0 Report post Posted May 6, 2005 Haha, i just clicked submit on the first time and got banned... :(I'm going to try something else now... > Share this post Link to post Share on other sites
-AlPal- 0 Report post Posted May 7, 2005 How the heck do you guys do these? I have no idea on how to do any of these challenges.... And I thought I was good at computers! - AlPal Share this post Link to post Share on other sites
iGuest 3 Report post Posted May 7, 2005 Anyone want to provide clues to this, it is indeed hard, here's things that I need other people's understanding for:The wording tells us first we must find the guest, trick or no trick?None Shall Pass, this riddles me but what does it mean.And then what I understand, and what could help others:We have a form using the post method, with 3 fieldnames, two are shown and one is hidden.user="admin" # is there also a guest user?pass="" # this is what we want to findid="<?php echo md5($_SERVER['REMOTE_ADDR']); ?>" # one method of how this could be generated.In the header we're told there's many ambushes, you're only given one chance to get this right, although depends on the verification methods order. You'll be blocked by either IP address or the MD5 encryption of the address. Now the posted information relates back to the same page. action="<?php echo $_SERVER['PHP_SELF']; ?>" quite possibly.I can't tell if any database is being used, but there's no reason why we can't try SQL Injection on this but could this be a bit too much.Now lets assume the SQL query$query = "SELECT * FROM user WHERE user='{$_POST['user']}' AND pass='{$_POST['pass']}'";There seems to be checks performed on the posted information than anything else, especially the user. Then the next check would be to check if you were banned and if not show the page, however we may not be able to continue if we have been banned. If this is indeed SQL Injection, we have another query to check if we're banned or not.We maybe able to bypass the banned list or even better, remove it.First things first, is solving the riddle before attempting to try anything. If you have a dynamic IP, you've got better chances. Static IP, well anonymous web proxies that support the POST and GET methods if needs be.If anyone has any clues, they should share them.Cheers,MC Share this post Link to post Share on other sites
whyme1405241479 0 Report post Posted May 7, 2005 A quick look at the source reveals an md5 string. <h1>This is the third challenge by Jip Man</h1>This challenge is in my opinion my most difficult one (for now)<p>You only have solved this challenge if you have the admin pass, which will be clearly given to you once you solve the guest<p>Now.. here for the challenge<p><h2>None Shall Pass</h2><form method="post" action="challenge3.php"><input type="text" name="user" value="admin"><input type="password" name="pass"><input type="hidden" name="id" value="69ba754dff7c853960a8a033d3a9eede"><input type="submit" value="Login"></form> the hidden input field is the key to solving this problem.This is harder than I thought. I doubt that an SQL Injection will work on this one.I'm assuming that once you find the "guest" users password, you'll be able to clearly see the admin password.Hmm... None shall pass, I guess this is just a little cliche statment. I believe that it's an md5 encyption of the URL that you're banned by.- whymep.s. I just got myself banned on the server, trying different proxies didn't work. damnit. Share this post Link to post Share on other sites
jipman 0 Report post Posted May 8, 2005 Ehm.... maybe it is a little too difficult, so let me give you guys some hints0. You need the global password1. NO SQL, PHP only2. Think before you do because else you might be having trouble finding proxies.3. READ THE INTRODUCTION, there are NO typo's 4. About the none shall pass, did noone of you watch Monty Python & The holy grail? The scene with the blackknight was the coolest.(not really a hint but you really do have to watch that movie, so funny)5. decrypting the md5 hash might be worth your while, it gives you quite a good hint. Or you could use logic to figure out what the hash would be ? 6. What is the most used password but also the least secure one?7. There is no place like 127.0.0.18. With all those security checks i implemented, i might have overlooked something don't i? note. I changed the POST stuff to GET stuff, because it works the same but is easier in use.ps. if changing proxies doesn't work, i think you did something wrong have fun to mastercomputers: There seems to be checks performed on the posted information than anything else, especially the user. Then the next check would be to check if you were banned and if not show the page, however we may not be able to continue if we have been banned.Wow, you are not some mindreading person are you? Good thinking .just for the heck of it, there are 27 bans activated at the moment a small note for the none shall pass, it has something to do with hint # 7. But you gotta find out in what matter Share this post Link to post Share on other sites
iGuest 3 Report post Posted May 9, 2005 [battle sounds][black Knight defeats a worthless-piece-of-crap-knight]ARTHUR: You fight with the strength of many men, Sir knight.[pause]I am Arthur, King of the Britons.[pause]I seek the finest and the bravest knights in the land tojoin me in my Court of Camelot.[pause]You have proved yourself worthy; will you join me?[pause]You make me sad. So be it. Come, Patsy.BLACK KNIGHT: None shall pass.ARTHUR: What?BLACK KNIGHT: None shall pass.ARTHUR: I have no quarrel with you, good Sir knight, but I mustcross this bridge.BLACK KNIGHT: Then you shall die.ARTHUR: I command you as King of the Britons to stand aside!BLACK KNIGHT: I move for no man.ARTHUR: So be it![hah][parry thrust][ARTHUR chops the BLACK KNIGHT's left arm off]ARTHUR: Now stand aside, worthy adversary.BLACK KNIGHT: 'Tis but a scratch.ARTHUR: A scratch? Your arm's off!BLACK KNIGHT: No, it isn't.ARTHUR: Well, what's that then?BLACK KNIGHT: I've had worse.ARTHUR: You liar!BLACK KNIGHT: Come on you pansy![hah][parry thrust][ARTHUR chops the BLACK KNIGHT's right arm off]ARTHUR: Victory is mine![kneeling]We thank thee Lord, that in thy merc-[black Knight kicks Arthur in the head while he is praying]BLACK KNIGHT: Come on then.ARTHUR: What?BLACK KNIGHT: Have at you!ARTHUR: You are indeed brave, Sir knight, but the fight is mine.BLACK KNIGHT: Oh, had enough, eh?ARTHUR: Look, you stupid bastard, you've got no arms left.BLACK KNIGHT: Yes I have.ARTHUR: Look!BLACK KNIGHT: Just a flesh wound.[Headbutts Arthur in the chest]ARTHUR: Look, stop that.BLACK KNIGHT: Chicken! Chicken!ARTHUR: Look, I'll have your leg. Right![whop][ARTHUR chops the BLACK KNIGHT's leg off]BLACK KNIGHT: Right, I'll do you for that!ARTHUR: You'll what?BLACK KNIGHT: Come 'ere!ARTHUR: What are you going to do, bleed on me?BLACK KNIGHT: I'm invincible!ARTHUR: You're a loony.BLACK KNIGHT: The Black Knight always triumphs! Have at you!Come on then.[whop][ARTHUR chops the BLACK KNIGHT's other leg off]BLACK KNIGHT: All right; we'll call it a draw.ARTHUR: Come, Patsy.BLACK KNIGHT: Oh, oh, I see, running away then. You yellowbastards! Come back here and take what's coming to you. I'll biteyour legs off! If that's not a funny scene then what is?Thanks for the hints. Now it might be possible, yet still something I may have overlooked. And there's 30 in the ban list at current.MC Share this post Link to post Share on other sites
gentoo 0 Report post Posted May 16, 2005 I got 404 error. I think I should sleep now though it is intersting... Share this post Link to post Share on other sites
jipman 0 Report post Posted May 16, 2005 At least you didn't get banned? Or did you Share this post Link to post Share on other sites
gentoo 0 Report post Posted May 17, 2005 At least you didn't get banned? Or did you <{POST_SNAPBACK}> I am not sure. I have to wait until the cache of proxy expire. Welcome Guest<p>You may view the current ban list ... Share this post Link to post Share on other sites
flachi 0 Report post Posted May 25, 2005 I solved it. :-D Share this post Link to post Share on other sites
ebbinger_413 0 Report post Posted May 25, 2005 NICHE! Share this post Link to post Share on other sites
saxsux 0 Report post Posted May 28, 2005 Your ban system's broken! Share this post Link to post Share on other sites
jipman 0 Report post Posted May 28, 2005 Yeah... Something changed on the asta serversI gotta request SSH again.Anyway, i fixed the banning problem .Although it kinda made the challenge a bit easier Share this post Link to post Share on other sites
flachi 0 Report post Posted May 29, 2005 Well... It is not hard at all to do it... You must only read all the clues on the site and slowly debug the site. Share this post Link to post Share on other sites