V3 Security Test (a "hacking" challenge)
| Author |
Message |
Dan
|
 Posted: Thu May 05, 2005 1:12 am Post subject: V3 Security Test (a "hacking" challenge) |
|
|
I have renctaely been working on a new secuity and user authenication system that could posbily implented in v3. In theroy this secuity system should be much better then the curent one and cut down on the script kiddys atacting us. Tho one of the down sides to making your own is it has not be as throyly tested as others, so i am asking any one who whonts to give it a try to try to break in to a site i have templary hosted on my laptop at home. The goal is to get to the webcam page on the site. Now some information abou the site:
URL: labs.compsci.ca
LANG: ruby (with rails api)
WEB SERVER: rails
SERVER: windows xp, 3.2ghz p4, 1gb ram, laptop
PORT: 3000
the page you are trying to get to: labs.compsci.ca/webcam/
if you are sucusfull you will see a page that has an image that is updated every 10 seconds of the litte lab i have going.
Some "know" user names: Dan, tony, aoi, jessica
The ip is not static so it is being routed throw no-ip.com services and the no-ip url is labs.no-ip.org:3000
The laptop is behind a router(linksys) with a firewall but has both ports 80 and 3000 forworded to it, there are many computers on this network with verouse hardware and OSs.
The login system is using the defualt ruby sessions for keeping track of what user is loged on. The user infromation is stored in a mysql db runing on the laptop. The db name is lab, the table with user infromation is users.
That is all the info i am going to give for now, if you do mange to get in plz tell me excatly how u got in. If you do manage to get in to any big parts of the laptop please do not do anything desturctive. Also pleas to do try burteforce atempetes to crack the password, this will work adventaualy but it will also lag my net conection and will not be helpfull to us for secuity reasons.
Any help whould be greatly apreshaed,
Thank you
Hacker Dan
P.S. this is hosted on my laptop so it may go down alot, so if the site is not up try again latter on in the day. |
| Computer Science Canada
Help with programming in C, C++, Java, PHP, Ruby, Turing, VB and more! |
|
|
|
 |
Sponsor
Sponsor
|
|
|
Paul
|
| Posted: Thu May 05, 2005 4:05 pm Post subject: (No subject) |
|
|
Oh and if someone managed to do it, after you fix whatever the problem is, don't forget to post here how you did it, if you don't mind sharing.  |
|
|
|
|
|
timmytheturtle
|
| Posted: Thu May 05, 2005 5:20 pm Post subject: Re: V3 Security Test (a "hacking" challenge) |
|
|
Hacker Dan wrote:
... Also pleas to do try burteforce atempetes to crack the password, this will work adventaualy but it will also lag my net conection and will not be helpfull to us for secuity reasons.
is that please don't try bruteforce attempts or try bruteforce attempts? |
|
|
|
|
|
GlobeTrotter
|
| Posted: Thu May 05, 2005 5:24 pm Post subject: (No subject) |
|
|
| I think its pretty obvious, from context that he meant don't. |
|
|
|
|
|
Dan
|
| Posted: Thu May 05, 2005 5:35 pm Post subject: (No subject) |
|
|
| opps, ya that is don't if you notice i posted that at 2am |
| Computer Science Canada
Help with programming in C, C++, Java, PHP, Ruby, Turing, VB and more! |
|
|
|
|
|
|
Register
Wiki
Blog
Search
Turing
Chat Room
Members
