SignupHide Sidebar
Username: 
Password: 
Restrict session to IP 
Statistics
45 Sites
188 Challs
9146 Posts
68604 Users
45 donations
1 Shop
45 Active Sites
World of Wargame
WeChall
TheBlackSheep
Rankk
Electrica
NewbieContest
BrainQuest
Net-Force
HackThisSite
elhacker.net
TryThis0ne
TDHack
+Ma's Reversing
Hacker.org
HackBBS
Root-Me
SPOJ
Revolution Elite
W3Challs
Gekkó
Webhacking.kr
Reversing.Kr
SuNiNaTaS
Hacking-Challenges
OverTheWire.org
RedTigers Hackit
Defend the Web
Mod-X
Omega Project
ae27ff
pwnable.kr
RingZer0 Team Online CTF
pwnable.tw
Hack The Box
try to decrypt
MysteryTwister
LordofSQLi
Énigmes À Thématiques
247CTF
CryptoHack
PyDéfis
PromptRiddle
PWN.TN
pwn.college
HackMyVM
Top 10 Players
dloser
benito255
jusb3
Caesum
tehron
phoenix1204
lordOric
thefinder
Xaav
Akorlith
Last 20 Activities
AACDAI
Harrier_Du_Bois
wjsrhkdtn123
novitolpwn
jfk911
M0d3rn
Munto
rivercat
januardwiputrawarsito
adolphuZ
Blue_Box
nicearchimedes4
nicearchimedes4
aragog
PartyManCZ
Ragab
shukularuni
Arshiyaxzej
Artstanza
tutolmin
Online within 1d
40 Users
shadow123456
Harrier_Du_Bois
tutolmin
livinskull
shukularuni
PartyManCZ
kama
rivercat
Blue_Box
Haijo18
wjsrhkdtn123
inselaffe03
novitolpwn
jfk911
steven18
LouisJ
JaneQueen
Artstanza
adolphuZ
erixsen
more
WeChall->WeChall

security hole in the site

CSAW CTFChallenge Idea : Fun Factor?
Global Rank: 540
Totalscore: 47155
Posts: 37
Thanks: 21
UpVotes: 24
Registered: 12y 113d
stormsurfer`s Avatar



Last Seen: 7y 223d
The User is Offline
security hole in the site
Oct 11, 2012 - 20:39:12 (12y 109d) Google/translate2Thank You!2Good Post!0Bad Post! link
I think I found a security hole in the site. Can any admin PM me?
Global Rank: 548
Totalscore: 46179
Posts: 224
Thanks: 211
UpVotes: 222
Registered: 14y 43d
space`s Avatar
The User is Offline
1
RE: security hole in the site
Oct 11, 2012 - 20:39:56 (12y 109d) Google/translate0Thank You!0Good Post!0Bad Post! link
yep, space@wechall.net or PM
Contact only via c3BhY2VAd2VjaGFsbC5uZXQ= or PM...
Windows can be secure... but only if you don't use it Happy
Global Rank: 540
Totalscore: 47155
Posts: 37
Thanks: 21
UpVotes: 24
Registered: 12y 113d
stormsurfer`s Avatar



Last Seen: 7y 223d
The User is Offline
RE: security hole in the site
Oct 11, 2012 - 20:41:51 (12y 109d) Google/translate0Thank You!0Good Post!0Bad Post! link
How can I tell you're an admin? Smile
Global Rank: 548
Totalscore: 46179
Posts: 224
Thanks: 211
UpVotes: 222
Registered: 14y 43d
space`s Avatar
The User is Offline
1
RE: security hole in the site
Oct 11, 2012 - 20:42:40 (12y 109d) Google/translate0Thank You!0Good Post!0Bad Post! link
gizmore will tell you ;)
Contact only via c3BhY2VAd2VjaGFsbC5uZXQ= or PM...
Windows can be secure... but only if you don't use it Happy
Global Rank: 228
Totalscore: 94499
Posts: 1690
Thanks: 1363
UpVotes: 925
Registered: 16y 346d




Last Seen: 1d 14h
The User is Offline
Send EMail to gizmore
RE: security hole in the site
Oct 11, 2012 - 20:54:40 (12y 109d) Google/translate0Thank You!0Good Post!0Bad Post! link
Luckily false alert Smile

The reported problem was the public part of the challenges code from SVN, EDIT: found on warchall/opt/php/gwf3

Thanks for the report anyway!
gizmore
The geeks shall inherit the properties and methods of object earth.
Last edited by gizmore - Oct 11, 2012 - 20:56:07
Global Rank: 540
Totalscore: 47155
Posts: 37
Thanks: 21
UpVotes: 24
Registered: 12y 113d
stormsurfer`s Avatar



Last Seen: 7y 223d
The User is Offline
RE: security hole in the site
Oct 11, 2012 - 20:56:29 (12y 109d) Google/translate0Thank You!0Good Post!0Bad Post! link
ok, talked to gizmore, the www code on the warchall server is just svn, not the real stuff Smile
Totalscore: 316930
Posts: 98
Thanks: 106
UpVotes: 105
Registered: 15y 194d







Last Seen: 129d 7h
The User is Offline
RE: security hole in the site
Oct 18, 2012 - 17:42:13 (12y 103d) Google/translate0Thank You!0Good Post!0Bad Post! link
Quote from stormsurfer
Oct 11, 2012 - 20:41:51

How can I tell you're an admin? Smile


This is a good point giz. I mean the regulars know space is an admin also but the new users (sorry to throw you in that category StormSurfer) not so.
Perhaps a 'meet the team' section?

As I do it on RevEl: http://sabrefilms.co.uk/revolutionelite/admin.php


sabre
https://www.revolutionelite.co.uk/
Last edited by sabretooth - Oct 18, 2012 - 17:42:59
Global Rank: 228
Totalscore: 94499
Posts: 1690
Thanks: 1363
UpVotes: 925
Registered: 16y 346d




Last Seen: 1d 14h
The User is Offline
Send EMail to gizmore
RE: security hole in the site
Oct 18, 2012 - 19:07:11 (12y 102d) Google/translate0Thank You!0Good Post!0Bad Post! link
I didn't even know space is an admin Drool

But yes ... it seems to be an issue Smile
The geeks shall inherit the properties and methods of object earth.
Global Rank: 548
Totalscore: 46179
Posts: 224
Thanks: 211
UpVotes: 222
Registered: 14y 43d
space`s Avatar
The User is Offline
1
RE: security hole in the site
Oct 18, 2012 - 19:53:54 (12y 102d) Google/translate0Thank You!0Good Post!0Bad Post! link
http://www.wechall.net/contact
http://www.wechall.net/about_wechall

there you can watch it…

now i know sabre''s 'student' HappyHappy
Contact only via c3BhY2VAd2VjaGFsbC5uZXQ= or PM...
Windows can be secure... but only if you don't use it Happy
tunelko, stormsurfer, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, SwolloW, dangarbri, csuquvq have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 3703 times.