Tuesday 31 December 2013

Basic tips on hacking challenges in websites

These are the very basic tips to solve challenges and a beginner knowledge in hacking
"Google is the biggest teacher for any Security Researcher or Enthusiast".
Websites :
1.hackthissite.org
2.securityoverride.org
3.enigmagroup.org
4.wechall.net
5.dareyourmind.net
6.canyouhack.it
7.thisislegal.com
8.newbiecontest.org

Web hacking :
Tip 1 : Look for web source page by right click -> View Page Source.
Tip 2 : Use Inspect element wisely to change the data.(Right click -> Inspect Element).
Tip 3 : URL location helps you to know the directories and for SQL injection problems.
Tip 4 : Use "Tamper Data" and "Add n Edit Cookie" plugins in firefox for tampering and cookie editing         challenges.
Tip 5 : Use "No script" plugin to disable javascript  and view page source is the biggest source for javascript challenges.

Cryptography Challenges :
Best tool : Crypt tool.
Link : cryptool-online.org

You can use online version of crypt tool in the website.

Basic ciphers :
1. Base64 Decoder => base64decode.org
2.Hashes
  a. LM , NTML Hash cracker => onlinehashcrack.com
  b.md5 hash cracker => md5online.org/
  c. sha1 hash cracker => crackstation.net/
3.Caeser (ROT 13,ROT 47,Shift Caeser) cracking => online-calculators.appspot.com/caesar/
4.Morse Code (Google around a bit there is a lot of online tools).
5.Vigenere,RSA is all good in Crypt tool so i suggest to download the tool.

Monday 30 December 2013

EMC Defenders League Attack and Defense-Goodie Server Challenge

Its been long time writing blog.Umm was working something on the chrome js console otherday and came across the challenge that was given in EMC Defenders League Attack and Defense.

The challenge was this piece of symbols:
[][(![]+[])[+[[+[]]]]+([][[]]+[])[+[[!+[]+!+[]+!+[]+!+[]+!+[]]]]+(![]+[])[+[[!+[]+!+[]]]]+(!![]+[])[+[[+[]]]]+(!![]+[])[+[[!+[]+!+[]+!+[]]]]+(!![]+[])[+[[+!+[]]]]][([][(![]+[])[+[[+[]]]]+([][[]]+[])[+[[!+[]+!+[]+!+[]+!+[]+!+[]]]]+(![]+[])[+[[!+[]+!+[]]]]+(!![]+[])[+[[+[]]]]+(!![]+[])[+[[!+[]+!+[]+!+[]]]]+(!![]+[])[+[[+!+[]]]]]+[])[+[[!+[]+!+[]+!+[]]]]+([][(![]+[])[+[[+[]]]]+([][[]]+[])[+[[!+[]+!+[]+!+[]+!+[]+!+[]]]]+(![]+[])[+[[!+[]+!+[]]]]+(!![]+[])[+[[+[]]]]+(!![]+[])[+[[!+[]+!+[]+!+[]]]]+(!![]+[])[+[[+!+[]]]]]+[])[+[[!+[]+!+[]+!+[]+!+[]+!+[]+!+[]]]]+([][[]]+[])[+[[+!+[]]]]+(![]+[])[+[[!+[]+!+[]+!+[]]]]+(!![]+[])[+[[+[]]]]+(!![]+[])[+[[+!+[]]]]+([][[]]+[])[+[[+[]]]]+([][(![]+[])[+[[+[]]]]+([][[]]+[])[+[[!+[]+!+[]+!+[]+!+[]+!+[]]]]+(![]+[])[+[[!+[]+!+[]]]]+(!![]+[])[+[[+[]]]]+(!![]+[])[+[[!+[]+!+[]+!+[]]]]+(!![]+[])[+[[+!+[]]]]]+[])[+[[!+[]+!+[]+!+[]]]]+(!![]+[])[+[[+[]]]]+([][(![]+[])[+[[+[]]]]+([][[]]+[])[+[[!+[]+!+[]+!+[]+!+[]+!+[]]]]+(![]+[])[+[[!+[]+!+[]]]]+(!![]+[])[+[[+[]]]]+(!![]+[])[+[[!+[]+!+[]+!+[]]]]+(!![]+[])[+[[+!+[]]]]]+[])[+[[!+[]+!+[]+!+[]+!+[]+!+[]+!+[]]]]+(!![]+[])[+[[+!+[]]]]]((![]+[])[+[[+!+[]]]]+(![]+[])[+[[!+[]+!+[]]]]+(!![]+[])[+[[!+[]+!+[]+!+[]]]]+(!![]+[])[+[[+!+[]]]]+(!![]+[])[+[[+[]]]]+([][(![]+[])[+[[+[]]]]+([][[]]+[])[+[[!+[]+!+[]+!+

Tuesday 10 December 2013

EMC Defenders League Attack and Defense - Goodie Server Challenge

This was a hidden challenge and no one apart from our team got it.Well the file was hidden in the source code of the main page in Goodie Server.Challenge was a Steganography challenge.

You can download the image here : logo

It was simple enough to solve the challenge in minutes by using one of the popular and basic stegno tool outguess.
command : outguess -r logo_zzzzzzzzzz.jpg logo


FLAG : 3335f2c2462c8236934bc6bdd3897a588a0dc2d8