New Challenge Released
New Challenge Released
<img src='challenges/images/real14.JPG' style='margin:5px;' height='130' width='115'align='left'>Realistic 14 has been released. Designed by AldarHawk this challenges teaches you a lesson that everyone will use. Its worth 40 points, so its not a too hard challenge, but for the beginners it should teach a valuable lesson that will be used all the time!
Many of you have also been bugging me to sort out javascript 14. Well i've taken a look and i cant understand why it isnt working. The source code in theory should be working fine. If any one here has good knowledge with PHP / Javascript then please take a look at the challenge and suggest a way it could be fixed.
ghost 18 years ago
Lol. Can't you just convert phpbb to ipb or something like that? I dunno heard something about it.
ghost 18 years ago
Maybe one can take an IPB skin and simply code everything necessary for using te required exploit? You could also be - how should I call it - 'inspired' by a quick peek t some IPB source, legal acquired or not… :D
ghost 18 years ago
What is the point of doing loads of missions where you use other people code which you search to exploit? Anyway, what if the IPB version/PHPBB had a remote code execution with it. Then HBH would have a hole in a mission and get hacked by accident
ghost 18 years ago
That challenge was way too easy… I already knew of the exploit and the exact same challenge was on another hacking site before… If HBH is to be a place for hackers to test their skills in a safe environment, we shouldn't be promoting the hacking of other open-source applications such as Flog.
ghost 18 years ago
Haha look at the first reply https://sourceforge.net/forum/forum.php?thread_id=1426081&forum_id=470088 lol
ghost 18 years ago
try that link without the 's' in http http://sourceforge.net/forum/forum.php?thread_id=1426081&forum_id=470088
ghost 18 years ago
IMHO, we are lucky that last comment isn't. Yer, its because some hacking site made it a challenge and people took it the wrong way
Mr_Cheese 18 years ago
its just there to teach you to use full disclosure sites. not surposed to be a incentive to go out hacking flogs. this is just a temp mission to give you 5mins of entertainment, before we release the other realistics we have. another one is due on friday, and my uber challenge is soon to be in development, which i aim to be more involved and longer than real 11 !
ghost 18 years ago
I'd just like the point out using this exploit on other sites is pretty stupid.. and immature…
Mr_Cheese 18 years ago
and if anyone is caught doing it malisioulsy, its a instant ban and blacklist :)
ghost 18 years ago
Darth_Pengo -> Well if you use it in a white hat way it's ok to warm people their site is insecure but putting "This site was hack by *******" is really immature. I won't name anyone but just google "Powered by Flog" and you will see …
AldarHawk 18 years ago
Arto_8000: it is not really White Hat if the security flaw is a known one. the main point of this as cheese said is to make people look everywhere. I am also working on a far more indepth challenge that will hopefully be released within a few weeks (it is a 100% original CMS style hack that I am working on) and then you guys can stop complaining about this. The only reason it was released was to show that if you look you can find flaws in a lot of areas that people will not think of. ohh and BTW. This shown flaw is amended in the new release of FLog :ninja:
ghost 18 years ago
BTW. There are loads of new missions coming out soon. Off the top of my head there are 4 ready for release. Three reals in the pipeline (including yours Aldar)
AldarHawk 18 years ago
There are 4 reals plus mine in the future. I know system_meltdown, wolfmankurd and hack4u have sent(or are soon to send) them to cheese and then there is Mr. Cheeses as well. I have a few other challenges in process as well ;) I hope to have all 5 of mine released in a few months