Welcome, Guest: Register On Nairaland / LOGIN! / Trending / Recent / NewStats: 3,205,003 members, 7,990,771 topics. Date: Friday, 01 November 2024 at 12:28 AM |
Nairaland Forum / Science/Technology / Webmasters / Web Market / Web Security Tutorials (18403 Views)
Join Our Practical Web Development Tutorials In Sango Otta. / Be Ur Own Boss: Learn Web Design With Our Ebook 'n' Video Tutorials!!!! / Teach Yourself Webdesign/development Using Video Tutorials (2) (3) (4)
Web Security Tutorials by Slyr0x: 1:22pm On Apr 17, 2012 |
Have you ever wanted to learn how to hack? Are you more of a hands on learner, then one that can learn from just reading out of a book? Are you interested in developing secure code by understanding how a hacker will attack your application? If you answered "yes" to any of these questions, then this site is for you. Since 2005, Enigma Group has been providing its members a legal and safe security resource where they can develop their pen-testing skills on various challenges provided by this site. These challenges cover the exploits listed in the OWASP Top 10 Project and teach members the many other types of exploits that are found in today's applications; thus, helping them to become better programmers in the mean time. By knowing your enemy, you can defeat your enemy. The missions are sub-divided into what we have below Prerequisites Pre 1 - View Source — Pre 2 - Url Modification — Pre 3 - Robots — JavaScript JavaScript 1 - Form modification — JavaScript 2 - Login Bypass — JavaScript 3 - Login Bypass — JavaScript 4 - Login Bypass — JavaScript 5 - Login Bypass — JavaScript 6 - Login Bypass — JavaScript 7 - Login Bypass — JavaScript 8 - Login Bypass — JavaScript 9 - Substrings — JavaScript 10 - charCodeAt() — JavaScript 11 - charAt();indexOf() — JavaScript 12 - Date Manipulation — Miscellaneous Misc. 1 - Header Injections — Misc. 2 - Server Side Includes — Misc. 3 - Regexp Skills — Misc. 4 - Buffer Overflows — Misc. 5 - Buffer Overflows (cont.) — Misc. 6 - Shopping Cart Exploitation — Misc. 7 - MySQL and SQL Column Truncation Vulnerabilities — Spoofing Spoofing 1 - Internet Protocol — Spoofing 2 - Useragent — Spoofing 3 - Referrer — Spoofing 4 - Resolution — Spoofing 5 - Cookie Modification — SQL Injections SQL 1 - Login Bypass — SQL 2 - Basic URL Based Injection — SQL 3 - Signature Evasion — SQL 4 - Useragent Based Injection — SQL 5 - Blind SQL Injection 1 — SQL 6 - Blind SQL Injection 2 — URL Manipulation URLManip. 1 - $_GET superglobal includes — URLManip. 2 - Hex Injection — URLManip. 3 - Hex Injection (Cont.) — Auditing Auditing 1 - PHP Audit Discovery — Auditing 2 - PHP Audit Discovery — Auditing 3 - PHP Audit Discovery — Auditing 4 - PHP Audit Discovery — Auditing 5 - PHP Audit Discovery — Auditing 6 - PHP Audit Discovery — Auditing 7 - PHP Audit Discovery — Auditing 8 - PHP Audit Discovery — Auditing 9 - PHP Audit Discovery — Auditing 10 - PHP Audit Discovery — Auditing 11 - PHP Audit Discovery — Auditing 12 - PHP Audit Discovery — Reconnaissance Reconnaissance 1 - Server IP/OS — Reconnaissance 2 - PHP Version — Reconnaissance 3 - Full Path Disclosure - Array[] — Reconnaissance 4 - Full Path Disclosure - $_SESSION[] — Reconnaissance 5 - Full Path Disclosure - Zero Division — Variable Manipulation VarManip. 1 - Local File Inclusion — VarManip. 2 - Redirection Evasion — VarManip. 3 - Remote File Inclusion — VarManip. 4 - Basic Filter Evasion — VarManip. 5 - Cross Site Request Forgery — VarManip. 6 - Carriage Return Line Feed Injection — VarManip. 7 - Null Byte Upload — VarManip. 8 - Null Byte Includes — VarManip. 9 - GIF Upload Bypass One — VarManip. 10 - GIF Upload Bypass Two — XSS (Cross Site Scripting) XSS 1 - Basic Cross Site Scripting — XSS 2 - UserAgent XSS — XSS 3 - fromCharCode XSS — XSS 4 - Basic Filter Evasion XSS — Java Applets Java Applet 1 - Basic Java Applet - Check Your Mission Answer! — Java Applet 2 - Basic Java Applet - Check Your Mission Answer! — Java Applet 3 - Basic Java Applet - Check Your Mission Answer! — Java Applet 4 - Basic Java Applet - Check Your Mission Answer! — Trust me, we are gon learn a LOT. .and we all would definitely enjoy this! SignUp Here: http://www.enigmagroup.org After Signing up, visit the mission page here http://www.enigmagroup.org/pages/basics/ and start from the Pre-requisites downwards. . Please indicate after signing up and also let's use this thread as our "discussion room". . Incase you get stuck trying to solve a mission, please feel free to ask questions HERE Please Remember: NO SPOILERS Pls Happy spl0iting 2 Likes |
Re: Web Security Tutorials by 8figure(m): 1:29pm On Apr 17, 2012 |
Cool just landed here |
Re: Web Security Tutorials by dansmog(m): 3:04pm On Apr 17, 2012 |
hope it is gonna be mind exploding? cos i have been wanting to learn hacking for the better.. thanks for bringing it up... |
Re: Web Security Tutorials by dansmog(m): 3:20pm On Apr 17, 2012 |
am still in the site and am enjoying it. thanks man! i love you |
Re: Web Security Tutorials by Slyr0x: 3:45pm On Apr 17, 2012 |
dansmog++: I luv yo gf more . . What level are you on now? |
Re: Web Security Tutorials by dansmog(m): 4:13pm On Apr 17, 2012 |
am still checking out the basic skills, yeah i know! i havent gone far.. |
Re: Web Security Tutorials by Slyr0x: 4:30pm On Apr 17, 2012 |
A mission at a time bro . .Don't rush it . . Also make sure you are putting your notepad++ /notepad into good use. . |
Re: Web Security Tutorials by dansmog(m): 5:49pm On Apr 17, 2012 |
Slyr0x, there is a problem! i thought it was gonna be tutorial on hacking? how come am seeing mission, which i need to complete, or am i not clicking on the right links? is there no tutorials cos i have only learn't html,css and am learning javascript now. |
Re: Web Security Tutorials by Slyr0x: 5:56pm On Apr 17, 2012 |
Slyr0x: Have you ever wanted to learn how to hack? Are you more of a hands on learner, then one that can learn from just reading out of a book? ^^^You have your answer here bro. . It is a hands-on hacking simulation site. . .So basically, you learn by trying to break into webapps with the little tips given. |
Re: Web Security Tutorials by 8figure(m): 9:47am On Apr 18, 2012 |
dansmog++: Hu hu hu hu ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha This guy ur funny. |
Re: Web Security Tutorials by netesy(m): 10:38am On Apr 18, 2012 |
try www.hackthissite.org thats good too!!!! never got past basic ten |
Re: Web Security Tutorials by 8figure(m): 11:20am On Apr 18, 2012 |
Just completed Javascript 8 and moved on to nine, and learned some functions. Am really enjoying this. |
Re: Web Security Tutorials by netesy(m): 11:54am On Apr 18, 2012 |
http://www.enigmagroup.org/missions/basics/pre/2/*********/******.inc the answer to pre 2 is not working 404 error and i cant move to more advance stuffs because of this iish or maybe the dontlookhere is wrong or my network is effing up |
Re: Web Security Tutorials by 8figure(m): 2:06pm On Apr 18, 2012 |
@netesy what you saw there is called path disclosure and which can lead the intending intruder into deciphering what your directory structure looks like, and as the mission title suggests, the intruder can easily modify the url to get dir listing,guess you know what it means? think a little bit there is nothing wrong with anything, the error you got is just because you got the wrong answer. |
Re: Web Security Tutorials by netesy(m): 3:48pm On Apr 18, 2012 |
how them dey do robot rubbish ehn? but IWP na eff up, the thing they dull me.....need help with a good server. |
Re: Web Security Tutorials by netesy(m): 4:09pm On Apr 18, 2012 |
User-agent: * Disallow: /f0rk/ how the f*ck do i use it? mad |
Re: Web Security Tutorials by 8figure(m): 4:28pm On Apr 18, 2012 |
go read about robots, thats what i did to pass through that level. |
Re: Web Security Tutorials by netesy(m): 4:36pm On Apr 18, 2012 |
spoiler addd this to the url of pre 3 /f0rk/ how about javascript 2,3,4,5 please? |
Re: Web Security Tutorials by Slyr0x: 4:43pm On Apr 18, 2012 |
You done with Javascript 1? |
Re: Web Security Tutorials by netesy(m): 4:56pm On Apr 18, 2012 |
yes i edited source on opera 11 PLEASE JAVA 3,4,5,6,7 help spoilers also accepted |
Re: Web Security Tutorials by 8figure(m): 5:34pm On Apr 18, 2012 |
Below is my little analysis of the javascript 9 code The long loop inner loop part is where am stuck and var confirmPass = document.login.password.value; part
|
Re: Web Security Tutorials by netesy(m): 5:40pm On Apr 18, 2012 |
how do i do this java 3 nah i can veiw the sourec on my opera 11 how is it under my nose i have cleaned it pls a spoiler needed |
Re: Web Security Tutorials by netesy(m): 8:45pm On Apr 21, 2012 |
slyr0x am i gonna get answered or not mehn help out a brother chasing you with a virus .. |
Re: Web Security Tutorials by 8figure(m): 5:39pm On Apr 25, 2012 |
<script type="text/javascript"> var year= 6 var pass=12 for(i = 1; i <= year; i++) { pass += year * i * year; } document.write(pass) /* WHEN PASS = 318338237039211050000 WHAT IS THE VALUE OF YEAR. pass += year * i * year; */ </script> I need to know where am getting it wrong when I do it manually by hand, the result is never the same with what i got from this script. Any hint? |
Re: Web Security Tutorials by webmpro(m): 6:50am On Apr 29, 2012 |
Gud job fellas am on my way! |
Re: Web Security Tutorials by 8figure(m): 1:45pm On Apr 29, 2012 |
netesy: slyr0x am i gonna get answered or not mehn help out a brother Hey whats your prob? tell me am listening |
Re: Web Security Tutorials by netesy(m): 6:27pm On Apr 29, 2012 |
Java 3 how do i veiw source code when its hidden or is dat the real code? |
Re: Web Security Tutorials by 8figure(m): 7:42pm On Apr 29, 2012 |
^^ Hey I think you need this tool to actually see what you re doing. https://addons.mozilla.org/firefox/downloads/file/123595/firebug-1.7.3-fx.xpi?src=dp-btn-primary |
Re: Web Security Tutorials by 8figure(m): 11:31am On Apr 30, 2012 |
Geez I've just completed mission 9 and you know what am now trying to figure out how i can implement what i did as a script cos I did it by hand and that's gonna be boring if the p1.length where to be like 100. I will still post the script if it would not be a spoiler. that is when am done o. 1 Share
|
Re: Web Security Tutorials by netesy(m): 1:37am On May 01, 2012 |
thanks bro am trying it Please in JavaScript 7 is it the day you registered you use? |
Re: Web Security Tutorials by netesy(m): 4:43am On May 02, 2012 |
<script language="JavaScript">Please any tip? |
Re: Web Security Tutorials by 8figure(m): 11:25am On May 02, 2012 |
@nesty what you need to study for you to beat that mission are (join,reverse and array), once you did that, you wouldn't have much to ask. I just tried it now and improved my solution with a script that solves prints out the pass for me. |
Get a responsive website/blog today at affordable cost / Solve Issues With Your Website Here, Wordpress, Joomla, PHP Script E.t.c / Get The Best Responsive Website/ Blog Today, We Also Help With Monetization
(Go Up)
Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health religion celebs tv-movies music-radio literature webmasters programming techmarket Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10) Nairaland - Copyright © 2005 - 2024 Oluwaseun Osewa. All rights reserved. See How To Advertise. 47 |