Anyone ever gone to this site
Bl8ckr0uter
Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
in Off-Topic
Comments
-
phoeneous Member Posts: 2,333 ■■■■■■■□□□Been going there for about 8-10 years or whenever they first started. Heck, possibly since the win98 days. Good challenges!
-
Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□Been going there for about 8-10 years or whenever they first started. Heck, possibly since the win98 days. Good challenges!
Man I am stuck on challenge number two (javascript) any suggestions/pointers? -
NightShade03 Member Posts: 1,383 ■■■■■■■□□□Its a great site but it will make you think and you need a decent "think outside the box mind" to accomplish alot of the tasks on there.
-
dynamik Banned Posts: 12,312 ■■■■■■■■■□Man I am stuck on challenge number two (javascript) any suggestions/pointers?
You're joking, right? -
SephStorm Member Posts: 1,731 ■■■■■■■□□□No, I had only heard of javascript injectors, I had no idea how to do them! I technically still don't.
Good site, study each topic. -
Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□You're joking, right?
Yes and no. I clicked off of it for a while but my thing is in this script:
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-2391176-1");
pageTracker._initData();
pageTracker._trackPageview();
</script>
I believe the 2nd line should be a declaration for the password file. I also know that per the question the file was never loaded. I am just not sure how I can declare it on the page itself. Maybe I am thinking about this incorrectly.
The issue is this is like the first time I have ever looked at javascript and I don't know a lot about it. -
dynamik Banned Posts: 12,312 ■■■■■■■■■□You're on this one: http://www.hackthissite.org/missions/javascript/2 ?
If you're using Firefox, Tools > Options > Content and uncheck "Enable Javascript".
Edit: I believe that is legit Google Analytics code; it's at the bottom of every page. -
RobertKaucher Member Posts: 4,299 ■■■■■■■■■■Yes and no. I clicked off of it for a while but my thing is in this script:
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-2391176-1");
pageTracker._initData();
pageTracker._trackPageview();
</script>
I believe the 2nd line should be a declaration for the password file. I also know that per the question the file was never loaded. I am just not sure how I can declare it on the page itself. Maybe I am thinking about this incorrectly.
The issue is this is like the first time I have ever looked at javascript and I don't know a lot about it.
If the password is not loaded as value by the script, what is it's value? -
dynamik Banned Posts: 12,312 ■■■■■■■■■□Or are you on: Hack This Site! ? Just submit without entering anything. That's the first thing I did to see what error I'd get, and it said I passed
-
Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□You're on this one: Hack This Site! ?
If you're using Firefox, Tools > Options > Content and uncheck "Enable Javascript".
Edit: I believe that is legit Google Analytics code; it's at the bottom of every page.
Yea I failed. I googled that line of script and It did take me to a google site. That isn't the one I was on though I am on this one Hack This Site!RobertKaucher wrote: »That's the script for Google analytics. It's not a part of the challenge.
If the password is not loaded as value by the script, what is it's value?
LOL!!!! I am so fail. Man I was looking for something that wasn't there. The value declared was blank so I just hit submit and it worked.....LOLOLOr are you on: Hack This Site! ? Just submit without entering anything. That's the first thing I did to see what error I'd get, and it said I passed
Yea. I spent like 20 mins on this thing off and on (looking at American Idol). But yea I total failed on this thing -
RobertKaucher Member Posts: 4,299 ■■■■■■■■■■Dude, you can blow an entire day on that site without even noticing the time pass.
The SQL injection challenges were great fun. Learned a lot from them. -
Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□You're on this one: Hack This Site! ?
If you're using Firefox, Tools > Options > Content and uncheck "Enable Javascript".
Edit: I believe that is legit Google Analytics code; it's at the bottom of every page.
I just looked at this just to see what you were talking about..LOL now I understand your comment. I am not that fail. -
Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□RobertKaucher wrote: »Dude, you can blow an entire day on that site without even noticing the time pass.
The SQL injection challenges were great fun. Learned a lot from them.
Seems like a cool site. I will really need to raise my game though.. -
mikedisd2 Member Posts: 1,096 ■■■■■□□□□□Just discovered this site too. Half hour gone and I've only done the first 2x basic questions. Third has me totally stuffed. Nothing like being shown up as the noob I am.
-
Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□Just discovered this site too. Half hour gone and I've only done the first 2x basic questions. Third has me totally stuffed. Nothing like being shown up as the noob I am.
Lol you aren't the only one. I am stuck on that one as well. I found the answer on you tube but I haven't watched it. I will watch it later
YouTube - Hack This Site - Basic 3 Tutorial -
RobertKaucher Member Posts: 4,299 ■■■■■■■■■■Lol you aren't the only one. I am stuck on that one as well. I found the answer on you tube but I haven't watched it. I will watch it later
YouTube - Hack This Site - Basic 3 Tutorial
Cheater! Keep at it and ask for advice before giving in to YouTube. You will learn more. The basic challenges are really more about how you think than what you actually know. -
phoeneous Member Posts: 2,333 ■■■■■■■□□□RobertKaucher wrote: »Dude, you can blow an entire day on that site without even noticing the time pass.
The SQL injection challenges were great fun. Learned a lot from them.
And useful too. I got a free pass to a DefCon survival camp a few years back and we did a sweet lab with Metasploit. But before the lab started, the presenter had us crack into web server to get the lab notes. A simple x' or 'a' = 'a and we were in. -
Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□RobertKaucher wrote: »Cheater! Keep at it and ask for advice before giving in to YouTube. You will learn more. The basic challenges are really more about how you think than what you actually know.
I still haven't looked at it yet but now I feel bad
I am on basic challenge 3. Ok here is the source code for the site:
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-2391176-1");
pageTracker._initData();
pageTracker._trackPageview();
</script>
I looked to at the script itself and I did not see anything wrong with it. I looked to see maybe if something written incorrectly and it seemed right. The only thing that looked strange to me was the second line (specifically this part:
_gat._getTracker("UA-2391176-1");
because of the space and underline and the front... -
dynamik Banned Posts: 12,312 ■■■■■■■■■□I still haven't looked at it yet but now I feel bad
I am on basic challenge 3. Ok here is the source code for the site:
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-2391176-1");
pageTracker._initData();
pageTracker._trackPageview();
</script>
I looked to at the script itself and I did not see anything wrong with it. I looked to see maybe if something written incorrectly and it seemed right. The only thing that looked strange to me was the second line (specifically this part:
_gat._getTracker("UA-2391176-1");
because of the space and underline and the front...
What's your HTML/Javascript experience?
Check the hidden field in the form. -
NightShade03 Member Posts: 1,383 ■■■■■■■□□□You can also use a proxy like paros to see what is being passed back and forth in the browser.
-
tiersten Member Posts: 4,505<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-2391176-1");
pageTracker._initData();
pageTracker._trackPageview();
</script>
I looked to at the script itself and I did not see anything wrong with it. I looked to see maybe if something written incorrectly and it seemed right. The only thing that looked strange to me was the second line (specifically this part:
_gat._getTracker("UA-2391176-1");
because of the space and underline and the front...