So, Sup Forums a random user posted this onion link with a cryptic message yesterday, and I went digging out of curiosity. I can't seem to get past the login with the hint though.
Any clever anons willing to try their hand at it and post creds for the rest of us? To make it worth your while, I'll post OC of my ex if you crack it.
Still tells me invalid for part 1 with "admin" - "password"
Cameron Walker
alice- LetMeIn bob - TopSecret carol-HelloWorld dave-DontHackMeBro
Jackson Adams
Part 1: admin:admin Part 2: user11235:p455w0rd Part 3: alice:LetMeIn
Carter Wilson
admin admin sorry
William Cox
bump
Tyler Torres
Part 4: cooldude2:YouFoundMe
You can find the answer in the sites response headers.
Nathaniel Butler
Part 5: Format of the ETag header tells us the server is apache. The image is located in a folder on the server /files/logo.png Apache supports directory listing by default. Go to lincsshbtaeqbcsx.onion/files/ for revelations.
David Price
forgot the name of that tank u
Caleb Lewis
Reminder: I reset the admin password to hAcKpRoOf1357
Austin Kelly
For Part 6, research SQL injection, you should be able to figure it out from there.
"Standard SQL Injection Testing Example 1 (classical SQL Injection):
Consider the following SQL query:
SELECT * FROM Users WHERE Username='$username' AND Password='$password'
A similar query is generally used from the web application in order to authenticate a user. If the query returns a value it means that inside the database a user with that set of credentials exists, then the user is allowed to login to the system, otherwise access is denied. The values of the input fields are generally obtained from the user through a web form. Suppose we insert the following Username and Password values:
$username = 1' or '1' = '1
$password = 1' or '1' = '1
The query will be:
SELECT * FROM Users WHERE Username='1' OR '1' = '1' AND Password='1' OR '1' = '1'
If we suppose that the values of the parameters are sent to the server through the GET method, and if the domain of the vulnerable web site is www.example.com, the request that we'll carry out will be:
Its like i just seen a ghost from the past when Sup Forums was more then a 13yo edgelord trying to meme but was build of ppl who knew how internet and shit worked... Btw deepweeb link are now banned. 4 chan sucks ass now
Brody Barnes
did u get it
Luis Hall
No im just lurking... This guy know his stuf ... We migth get acces to some box or someshit.... Probably childporn.....
Landon Brooks
If he can crack it of course....
Michael Morales
put 1' or '1' = '1 in user and pw
Jayden Nelson
...
James Lopez
It's funny, I just came back to Sup Forums today because I was bored. Haven't been here since 2015 when shit like this was normal. Hell, we had cicada3301 on this board. It wasn't Sup Forums or /x/ that solved that shit it was us. Guys from all over the world sitting in irc channels for days on end, taking time off work to catch an early start on the next puzzle. You're right though, it looks like Sup Forums kinda sucks now, not that it was ever good of course.
Jaxon Sanders
it updated
Matthew Flores
updated; bump
Lincoln Perez
Pretty fucking cool, this whole thing. Would love to learn c++ and SQL