ColdFire - Wear your Hacking Hoods...

  • This is the official discussion forum for ColdFire event...

    Like this post to subscribe to the topic.
  • for 2nd question hint is same as 1st but it's not working.

  • 2nd question is different from 1st in its approach

  • any other hint? and also does the order matter or can be solved randomly?

  • Any hints for Q2 ?

  • Order does not matter.

  • Hints for Q2: Cookie manipulation

  • for third will we get password in email? and for phone number where to look for spaces?

  • @Ankur No but u will just be able to solve, if using correct approach

  • dear Sir, Anshuman Gautam,

    funny as it may seem !

    what exactly do we have to do in Q4 ?

  • Thou doin anyone of em if tuff... but Q4 is freakin me out... :D

  • some more hint for 3rd?

  • Hint for Q4: Read about server side includes (SSI) and its injection attacks

  • what does count of spaces mean?

  • count of spaces simply means that you should not put any unnecessary spaces in your queries

  • Hint for 3: JavaScript injection

  • Trying 8th... Need some hints.

  • @Anshuman Gautam: Need help for the 3rd question, any further hint.

  • 8 has to be done with Brute Force

  • In 3rd question try to change e-mail using JavaScript injection

  • hints for 5th please

  • got all info for 7th but where to enter?

  • For 5, try Local File Inclusion

  • Try to find admin login panel, keeping in mind the usual practices

  • last hint is for which question?

  • This was for 7

  • Hint for Q6

    Apache Basic Authentication of the password file is 'passwd' and directory name is somewhere in the source code

  • what do u mean by the usual practice for que 7..!!

  • @Harshit, the default admin url in most cases
