Hackerslab.org

Printable View

April 30th, 2003, 02:16 AM
s0nIc

Hackerslab.org

How many of you have done the hackerslab.org test??

how many reached Level17?

Just a trivial question.
April 30th, 2003, 03:06 AM
prodikal

im on level16 it has took me ages to get to where i am but i learned a lot in the process what level you on s0nIc ?

N/M level 15 i see
April 30th, 2003, 04:27 AM
gore

thanks to prodikal im on level 2, lol (he got me to get back into trying after me not doing it for like months)
April 30th, 2003, 07:33 AM
s0nIc

lol i just noticed something, this post never shows up in the front page. odd.. anyway yeah fancy meeting u there btw prodikal. i wasnt expectin an AOer would top my post. lol
April 30th, 2003, 08:59 AM
HTRegz

Hrmm... I had never been there until I saw this thread... Level0 was easy.. but i guess that's how it's meant to be. hehe..... I'll do Level1 tomorrow..... I figure 1 a day should be good.. besides I had a girl coming over.. and well they take priority over computers.. :D
April 30th, 2003, 11:15 AM
prodikal

level15 is murder s0nIc it took me a while to get the grasp of a one byte overflow and even longer to write the code for it meh PM me when you hvae done it and swap code if you want

gore: level 2 is easy dude

HTRegz: yep level0 is simple it starts geting hard'ish around level3 then it gets easy again upuntill level9 keep at it it's fun :P
April 30th, 2003, 12:33 PM
s0nIc

Ok, here it is Matthew aka Trojan. IF you really think you can prove how skilled you are.

I challenge you to this wargame. I dont even know if ur worth challenging since your skill sets are limmited to port scanning, packet flooding and flooding in MSN and Chat Rooms. But ill let you have a shot. If you really think you are more than just talk (coz so far thats all ive seen, all talk, no results) then show it. Prove that you are more than just all talk.

For those who doesnt know what a hacker wargame is, it is where hackers challenge eachother's skills on a dedicated server. Note this is legal since thats what the dedicated servers are for, they are offered by hackers to be used for wargames.

register in http://www.hackerslab.org/eorg/hacki...ackingzone.htm

finish all 17 levels. and if you want proof i did the test. here it is:
http://level15.hackerslab.org
http://level16.hackerslab.org/

You shouldnt have a hard time considering hackerslab is barely close to an actual wargame but since your a newb in the security industry, ill let u start with this. I wont even give you a time frame or time limmit, just to be fair with you.

I have a 14 year old cousin who is at level 10 now. dont tell me you cant match the skills set of a 14 year old when you so proudly claim the downtime of won.net was coz of you.

Now, will you chicken out trojan? or are u gonna use the excuse "im just a cracker" or whatever excuses you have under yur sleves.

This is it trojan, to prove yourself that you can reach my level. and just an advice. its a linux machine, not windows, so there will be no clickity click click with your mouse. all is pure hard core terminal command line.

are you man enough to accept my challenge?? When you come and talk to me, it better be "Seth i did it" and show me some proof. otherwise, dont bother talking to me coz i wont waste my breath on a bag of hot air script kiddie.

Pass this test, and you get my attention. Then we can move on to the next phase..
This is your only chance to prove yourself kiddo, if you can take out a network, then you shouldnt have a problem finishing this test.

Its about time we show these script kiddies how things REALLY work in the world of computer security.

NOTE: For those who dont know whats goin on, Matthew aka Trojan, a hacker wanna bee - script kiddie, thinks he could take me out. and everyone knows he's all talk but ill give him a chance to prove himself. i bet he's shittin himself while reading this LOL.

See this is where i get the upper hand. I have credentials. This script kiddie on the other hand has nothing but words.

What you say fellow AOer's? is this challenge a fair one? or am i being to harsh on our lil script kiddie? lol. if so, tell me and i shall pick a "lighter" task for him.

i mean, he even got impressed when he saw some kidd talk about packet flooding some network or server LOL. just shows how shallow his skill set is.
April 30th, 2003, 02:26 PM
Raistlyn

Sethy pooooooooooooooo LMFAO You got me way to interested to just sit back and watch LOL :D :: Looks around damn I hate being noob.....
April 30th, 2003, 02:36 PM
s0nIc

lol damn raisty cakes, whatcha doin here??? lol

Gore: level 2 is easy, want me to give u a tip?? lol
its quite easy when you realize what the answer is. LOL

if i can remember.. it was a long time ago.. LOL

i did hackerslab 2 years ago when i was in collage doing my Network+ certificate. LOL

ah yes i remember it now!! lol, u want the tip gore?? PM me if u do... lol
April 30th, 2003, 03:49 PM
HTRegz

prodikal: you seem to be right.

I just started on Level 3 and it's not one of those quick little ones like the rest of them were.... I found the file no problem, now i just have to figure out what to do with it.
April 30th, 2003, 10:32 PM
s0nIc

its easy to find the files you need do a "find -uid" followed by a uid 1 level higher than yours. goodluck gore. i moved from level 5 to level 15 in 3 days.. wasnt that hard.

oh yeah.. level15, was a stinger!!

1 byte buffer overflow didnt make sense since 1 byte isnt big enough to make a BOF.
May 1st, 2003, 12:19 AM
s0nIc

and oh yeah.. matthew, if i 4got to mention. this wargame also requires you to write and compile scripts on the spot if you want to pass levels 4 all the way to 17. can u code? oh wait.. u can only edit codes.. lol damn now ur in big trouble LOL.

HTRegz: is that the lesser prophet task??
May 9th, 2003, 04:38 AM
s0nIc

oh well, i guess i was right. he backed out. LOL

laaaaaammmeeerrrr!!!
May 9th, 2003, 04:56 AM
HTRegz

Hey S0nIc.. never saw yer question til now....

I'm on Level 4.

Kevin likes playing games in Linux. One day, he was bored and had nothing to do so he decided to play with a source file of the game. He opened the source file and added some codes and then compiled it. Get the password for the next level by using this program.
HINT: Apparently, he added only one line into the source.
May 9th, 2003, 05:16 AM
techtech

Arrrgh! I want to play too! But I can't seem to get into the site!!! Arrrgh!

ok, it's up now. . . now to see how far I can get . . .. :cool:
May 9th, 2003, 09:32 AM
r3b00+

Arra Jaysus!
I havent looked at hackerlab in ages!
Prodikal got me into way back.
Level12 i think i was on.......cant really remember.

/me now knows whats on the cards this weekend
May 9th, 2003, 10:38 AM
prodikal

Quote:

Kevin likes playing games in Linux. One day, he was bored and had nothing to do so he decided to play with a source file of the game. He opened the source file and added some codes and then compiled it. Get the password for the next level by using this program

Thats the hint for level4 correct ? i havent been on the level for ages but its basically the same as level3 exept you need to pull strings on the file. Now if we do a strings -f we get way to much output from the file so we will need to write a bash script that looks something like this

Code:

for i in `strings /usr/games/trojka`; do if [ -f "/usr/bin/$i" ]; then echo $i fi done

what that bash script does is the first line says to execute the following block for each returned entry in the list output from the inline command of strings /usr/games/trojka Each entry fills the variable i, which is then checked to see if a file with that name exists in /usr/bin/. If it does, then we print out the value of the entry ok

so now we no that we are playing with a file called ***** (you should be able to spot which one it is ;) )

so now we cd ~/tmp and create a file called ***** with vi or your preffered method and insert /bin/bash n to the file we created make it executable with chmod 750 <filename> then we set our PATH to PATH=.:$PATH then export
PATH PATh is set to call proggrams in your current directory now all we need to do is run the file /usr/games/trojka and voila then just type pass and get the password or you could enter /bin/pass in the file called *****

so what just happend we knew there was a game that had a vunerability in it we tried strings -f but the output was huge so we wrote a script to narrow it down for us. When we got the listing from the call we made with the script we got a a few files but 1 stuck out more "clear" than the others so we took advantage of that file when the vunerable file is running it has level5 permmisions and thats how we take advantage of it when we created the file called ***** and set our PATH to the directory we are working in instead of calling the file when the game is executed it calls our file we created and gives us a shell with level5 permmisions

have fun ;)
July 1st, 2003, 08:22 PM
hexadecimal

level 1 is a pain in the a$$ cause i dont know anything about linux/unix :( but im working on it
January 14th, 2004, 07:34 PM
amrishchawla

sonic had a problem with regestering need help
January 14th, 2004, 10:48 PM
Deimos326

hexadecimal-you mean level 0? yea same with me, i suck at linux/unix, i really really suck at it. im still on level0 :( I'm so much better with windows, why cant we like hack a windows 2000 server lol. can some1 help me understand how you get the passwords, dont tell me how, i just dont quite understand how your supposed to get them or where they would be.
January 14th, 2004, 11:35 PM
souleman

w00t for bringing back really old threads :)