Find security holes in my site and I will give you money!
The event may now continue, the site is now on backslash's server (http://www.webwhak.com/).
You can look in the news section of the page to view more.
http://root.cd (the site that this entire thread is about ;))
[+] c4p_sl0ck - found out that member list will stretch if your name will be too long
[+] c4p_sl0ck - check that the shoutbox message isn't empty
[+] c4p_slock - shout message should not be posted when it's empty
[+] backslash - shoutbox is floodable
[+] backslash - put recaptcha on register/contact forms and delay on login boxes
[+] backslash - make an archive system on the shoutbox
[+] backslash - </form> forgotten in the my_profile section
[+] backslash - found out that the input in the shoutbox may be wayyy too long
[+] backslash - if you make 2 profiles with the same name they will come on the same personal page
[+] backslash - backslash was able to change my account
[+] system_meltdown - found a way to set his avatar to the logout page
[+] Raptor - found an XSS vuln in the avatar section for IE and Opera browsers
[+] paranoiahax - found out that the forum is floodable (same way as the shoutbox posts)
[+] backslash - backslash social engineered me and thus managed to get full control over the site
[+] tms - found a CSRF in the forum, he was able to set a thread to the logout page

(from the news section of http://root.cd)
honor = CSRF/XSS
LFI/RFI = 3 euro
5 euro = (blind) SQL injection
10 euro = full control over site
Please don't try to root it

Once there is an update it will come on Twitter, root.cd and here, so your name will be mentioned in 3 places ;).
Greetz, Jelmer
[+] c4p_sl0ck - found out that memberlist will stretch if your name will be too long
[+] c4p_sl0ck - check that the shoutbox message isn't empty
[+] c4p_slock - shout message should not be posted when it's empty
[+] Austin - shoutbox is floodable
[+] Austin - put recaptcha on register/contact forms and delay on login boxes
[+] Austin - make an archive system on the shoutbox
[+] Austin - </form> forgotten in the my_profile section
[+] Austin - found out that the input in the shoutbox may be wayyy too long
[+] backslash - if you make 2 profiles with the same name they will come on the same personal page
[+] backslash - backslash is able to change my account but he didn't notice I think ;)
[+] system_meltdown - found a way to set his avatar to the logout page
Austin = backslash backslash = Austin
Yeah, I did realise I was able to change your profile hence this picture:
haha
Can flood the forum by repeatedly pressing F5; it asks to resend the data. You want a spam filter on there. Also found that you can edit several accounts with the same name and create accounts which have already been created under the same name; however, this might have already been found because Austin was able to edit your account, as it says.
URI Exploit
http://root.cd/index.php?page=memberlist&member=Admin (Must be Logged In)
I am able to force any member to connect to any computer on the net via Telnet through the viewing of my avatar. :happy:
(Similar vulnerability to System's)
EDIT: Telnet Vulnerability Fixed (I Think…) But URI Is Still Exploitable :happy:
http://root.cd/index.php?page=memberlist&member=Admin (Must be Logged In)
The site is moved to a server of backslash (http://www.webwhak.com/); the contest may continue now.
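
Added example, not part of the thread and not root.cd's code: several reports above concern the avatar field (an avatar set to the logout page, an XSS in the avatar section, a Telnet connection triggered by viewing an avatar), so this sketch shows a server-side check on a user-supplied avatar URL before it is stored. It is written in Python for illustration; `check_avatar_url`, the hostname `forum.example` and the sample URLs are assumptions constructed for the example.

```python
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_EXTENSIONS = (".png", ".jpg", ".jpeg", ".gif")
SITE_HOST = "forum.example"  # assumption: placeholder for the site's own hostname

def check_avatar_url(url, site_host=SITE_HOST):
    """Return (ok, reason) for a user-supplied avatar URL."""
    # Characters that could break out of an HTML attribute are refused outright.
    if any(ch in url for ch in "\"'<>\\ \t\r\n"):
        return False, "forbidden character"
    try:
        parts = urlsplit(url)
        port = parts.port  # raises ValueError on a bad port
    except ValueError:
        return False, "malformed URL"
    # Only web schemes: rejects telnet:, javascript:, data: and the like.
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    host = (parts.hostname or "").lower()
    if not host:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "credentials in URL"
    if port not in (None, 80, 443):
        return False, "non-standard port"
    # An avatar on the site's own host is fetched with the viewer's cookies,
    # so it can trigger state-changing GET requests such as a logout link.
    if host == site_host or host.endswith("." + site_host):
        return False, "points at this site"
    if parts.query or parts.fragment:
        return False, "query or fragment not allowed"
    if not parts.path.lower().endswith(ALLOWED_EXTENSIONS):
        return False, "not an image path"
    return True, "ok"

SAMPLES = [  # constructed inputs modelled on the avatar reports in the thread
    "https://img.example.net/a/cat.png",
    "http://forum.example/index.php?page=logout",
    "telnet://198.51.100.7:23/",
    "javascript:alert(1)",
    'https://img.example.net/x.png" onerror="x',
]

def demo():
    return [(u, check_avatar_url(u)) for u in SAMPLES]

if __name__ == "__main__":
    for u, (ok, why) in demo():
        print("ACCEPT" if ok else "REJECT", why, u)
```

A URL filter only narrows the problem: state-changing actions such as logout should also require a POST with a per-session token, and avatars are safest when fetched once and re-hosted by the server.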