Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Pen Testing 2


Pen Testing 2

By psyl0cke avatarpsyl0cke | 38923 Reads |
0     0

I made this article for help people because there wasn’t any writing about this topic before. This is my first one so please don’t rate me so cruel. :)

0x01. Let’s get in! With this challenge like all the others you should start with collecting information. Read all texts, check sources, urls, input fields and take notes. When you are finished with this you should know where are the inputs of the site. Don’t think too hard it isn’t sql injection just relax and make the simplest thing you can ever imagine. [60 points]

0x02. Show off! After you logged in you will see a bunch of new interesting stuffs so you will be able to extend your sketches. I’m sure about that you have already found an interesting file which you wanted to see so bad just you wasn’t able to do that before. Now the time is arrived. [35 points]

0x03. Make my wish! I guess you basically don’t wish that to anybody (or at least I hope) but it is a simulation and you need to find a security hole. If you figured out what I was talking about ask yourself. Is only that user able to do that? [10 points] Notes: You can do the same exploit with other things too. :)

0x04. Bad joke time! If you figured out what I meant last time it was mentioned there will be a related exploit. But this time you should joke with it all around instead of playing with yourself. [40 points]

0x05. Change my mind! If you are here it means you did various things with the site. But it still seems to belong to Moshbat. Is there any way to create the site to your own image? [30 points]

I hope that you enjoyed the article and it helped you to find the exploits without ruining the wonder of discoveries. I wish you the best and if you get stucked so bad drop me a pm.

May the force be with you! ♥ psyl0cke

Comments
Rap70r's avatar
Rap70r 11 years ago

Very informative and apposite tutorial with no spoilers. I think users will find this very helpful since there are minimal information regarding pen testing 2. Nice work psyl0cke thumbs up

psyl0cke's avatar
psyl0cke 11 years ago

Thanks for the nice words. I'm so happy about your comment. :)

troll3rsk8tr's avatar
troll3rsk8tr 7 years ago

Very good and helpful article. I really liked it ad lie Rap70r said, it doesn't give to much away:)

Rymur's avatar
Rymur 5 years ago

Good write upthumbs up