New challenges

Kender
Quote from Gizmore

Have fun exploiting a flaw that has been around on wechall itself for a year !

Actually this flaw only existed between Jan 19 2009 when you "dropped the evil global htmlspecialchars" and Feb 09 2009 when I noticed what you'd done :)

Hmm, yeah. Might be that the old evil htmlspecialchars were secure :)

--------------------------------------------------------------------

Anyway, I'd like to present you 2 more exploit challenges we were working on lately.

FixUs is thought of by Z and put into code by myself.
Screw SQL is a real-life example of a flawed login situation I found on the web.

I hope you like the new exploit challs and I wish you all
Happy Challenging
The geeks shall inherit the properties and methods of object earth.
I added 2 new mini challenges by myself.
There are more, bigger, challenges in the queue :)

PHP 0815 is kinda a PHP exploit chall, and you are given the source to fix an issue (once again).
You need a userlevel of 1 to see this content.

Hope you like them.
Happy Challenging
Gizmore
I added another challenge by me, which should nicely fit into the previous.
PHP0816 is not the best title, because the same logic error can occur in any language.

Happy challenging!
There have been no new challenges for a long time.

Currently, 2 more from Z are in the testing phase, and there is a new one from quangntenemy and me :)

So, WeChall proudly presents a new, unique challenge:

Quangcurrency is kinda an exploit challenge. You have to exploit a script to purchase more items than you should be allowed.
The same flaw might exist in other software too, so have fun buying unlimited items!

Many thanks to quangntenemy for the idea of making a challenge out of this problem. :)
Also many thanks to noother, Kender and Hertz, who tested the challenge a bit, and helped to make it better.

Happy Challenging!
I created another challenge, Addslashes, which is a real MySQL injection exploit challenge.
You are given the source of the login script that you need to exploit to log in as Admin.

Kender gave his OK on the permission of the new database and mysql-user so it's up and ready to get solved now.

Have fun exploiting it :)

Hello Challengers,

Z and Gizmore proudly present 3 new challenges:

Z-Reloaded,
Credit Card Challenge Pwnage! and
Order By Query

Since a lot of new challs have been released within the past days, I suggest you sort the challenge table to get an overview of additions.

Here is a summary for the 3 new challs, scroll a few posts up to see older additions.
Z-Reloaded is a basic guide to crack a system, similar to a question and answer game, from Z.
Credit Card Challenge Pwnage! combines multiple attacks into one offline challenge to further explore the www, from Z.
Order By Query is a blind SQL injection challenge, from Gizmore.


We'd like to thank all the BetaTesters for their superb help.

Have fun with the new challenges!
Z & Gizmore
