Author Topic: NGSec [Hacking]  (Read 22263 times)

0 Members and 1 Guest are viewing this topic.

Offline Newby

  • Moderator
  • Hero Member
  • *****
  • Posts: 10877
  • Thrash!
    • View Profile
NGSec [Hacking]
« on: January 01, 2005, 10:51:10 pm »
I'm stuck on level 10. I think the binary is encrypted. :/

http://quiz.ngsec.biz/game1
- Newby
http://www.x86labs.org

Quote
[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

I'd bet that you're currently bloated like a water ballon on a hot summer's day.

That analogy doesn't even make sense.  Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT. 

Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: NGSec [Hacking]
« Reply #1 on: February 28, 2005, 06:09:53 pm »
I've been playing this game for the last HALF HOUR. I can't even get past level 2. i've tried this:

<Start -Run>
TELNET quiz.ngsec.com 80
(boom it opens up that)
GET /game1/level2/l33t.php HTTP/1.0

And I've even tried
GET /l33t.php HTTP/1.0

I'm a bad haxxor. :(
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Offline Networks

  • Full Member
  • ***
  • Posts: 415
  • I haven't visited my profile!
    • View Profile
Re: NGSec [Hacking]
« Reply #2 on: March 01, 2005, 12:05:37 pm »
I've been playing this game for the last HALF HOUR. I can't even get past level 2. i've tried this:

<Start -Run>
TELNET quiz.ngsec.com 80
(boom it opens up that)
GET /game1/level2/l33t.php HTTP/1.0

And I've even tried
GET /l33t.php HTTP/1.0

I'm a bad haxxor. :(

Don't you have to type the full URL like:

GET quiz.ngsec.com/game1/level2/l33t.php HTTP/1.0

or which ever file, I know I do that in trying to get my news text file for vanquish using the winsock control.

http://www.zeroforce.net

Quote
[16:50:11] Networks:0:32: What will soup bot be like?
[16:50:15] Warrior[x86]:16:-1: soup-like.
[16:50:21] warzofbeta@Lordaeron:0:62: Like god.
[16:50:26] Warrior[x86]:16:-1: Fake?

Offline rabbit

  • x86
  • Hero Member
  • *****
  • Posts: 8092
  • I speak for the entire clan (except Joe)
    • View Profile
Re: NGSec [Hacking]
« Reply #3 on: March 01, 2005, 06:38:29 pm »
You don't use get at all for level 2, and your request is invalid anyways:
Quote
cls
telnet quiz.ngsec.com 80
POST /game1/level2/validate_l33t.php HTTP/1.0
Host: quiz.ngsec.com
Referer: http://i.own.your.mom/
From: iown@your.mom
User-Agent: HTTPTool/1.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 11

password=:)

The password and referer are WRONG, because I don't want to GIVE you the answers, but you get the point :)


[edit]
Got to level 5 in 25 minutes.  I'm stopping now to go do other things.
« Last Edit: March 01, 2005, 07:40:12 pm by R.a.B.B.i.T »

Offline Mythix

  • The Dude
  • x86
  • Hero Member
  • *****
  • Posts: 1569
  • Victory
    • View Profile
    • Dark-Wire
Re: NGSec [Hacking]
« Reply #4 on: March 01, 2005, 10:37:25 pm »
I think level 5 is where I stopped at last time and gave up on it.
Philosophy, n. A route of many roads leading from nowhere to nothing.

- Ambrose Bierce


Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: NGSec [Hacking]
« Reply #5 on: March 01, 2005, 11:12:06 pm »
You don't use get at all for level 2, and your request is invalid anyways:
Quote
cls
telnet quiz.ngsec.com 80
POST /game1/level2/validate_l33t.php HTTP/1.0
Host: quiz.ngsec.com
Referer: http://i.own.your.mom/
From: iown@your.mom
User-Agent: HTTPTool/1.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 11

password=:)

The password and referer are WRONG, because I don't want to GIVE you the answers, but you get the point :)


[edit]
Got to level 5 in 25 minutes.  I'm stopping now to go do other things.

WTF ARE THOSE LINKS FOR THEN?! :(
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Offline rabbit

  • x86
  • Hero Member
  • *****
  • Posts: 8092
  • I speak for the entire clan (except Joe)
    • View Profile
Re: NGSec [Hacking]
« Reply #6 on: March 02, 2005, 06:10:01 pm »
Examples.

Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: NGSec [Hacking]
« Reply #7 on: March 02, 2005, 07:49:06 pm »
Not those..
Go back to the page, and then click the links it gives..
If you don't use the GET command, wtf DO you use?
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: NGSec [Hacking]
« Reply #8 on: March 03, 2005, 01:33:15 pm »
Besides GET, there is also POST, HEAD, and I think WRITE. 

Offline rabbit

  • x86
  • Hero Member
  • *****
  • Posts: 8092
  • I speak for the entire clan (except Joe)
    • View Profile
Re: NGSec [Hacking]
« Reply #9 on: March 03, 2005, 06:28:02 pm »
The link given is an introduction to the use of HTTP, you're supposed to go further and figure out how you can do what you need to to progress.