hax.tor.hu Warmup Levels – Capture The Flag

hax-tor-hu-capture-the-flag-warmup-challenges

Yeah… I did take a look on CTF’s long ago. But recently i had a thought that I do like them very much. Yet another set of challenges for xp++. ūüôā .¬†I found this site earlier and managed to solve the puzzles(one, two, three may be).¬†But I decided to take a look at it later. hax.tor.hu is a very old site(founded in 2006). But it serves the purpose of learning the stuff. Many problems are not functioning because of the technology changes. Many problems relied on the old PHP¬†version flaws. But it is a very very good place to start learning some hacking (yeah. cracking too ūüôā ).

Goto Hax.Tor.Hu

In order to start solving the fruitful problems (Read it: harder challenges) you need to complete the 5 warm up challenges. Later you can obtain a username and password to save your levels. There must be nearly <=50 problems (The hard ones) according to the leaderboard. Yet you need to complete the hax.tor.hu warm up challenges to take a look.

Fine, Thanks for reading down to here. There are no direct answers here to pass these challenges (That means GET LOST). What’s the point of winning a race without opponents ( ūüôā , You got the point. Thanks). But this post will serve me as a reminder of my own journey and you get some tips if you are totally blind to the solution.

Let’s¬†dive in.

Hax.tor.hu Warm Up Challenge 1

This one was pretty easy. You can use the console (The web inspector in chrome and firefox) to output the password variable or reconstruct the variable, take a look at the javascript code to gain some insight. Trust me it’s simple… link

Hax.tor.hu Warm Up Challenge 2

This Challenge does not work. type fail in the password field to get to next level.

Hax.tor.hu Warm Up Challenge 3

please pick bacon from the list. This is simple if you know how to edit HTML source directly with chrome web inspector / firebug. all you need to do is add a new option in the select list with a value of Bacon. The above link will definitely help you to pass this hax challenge

Hax.tor.hu Warm Up Challenge 4

This challenge is little tricky. First, I have tried with user agent switching. But all browsers were banned even the android,ios, windows ones. I’ve¬†tried even without sending any UserAgent¬†information but no luck. then I take a look to hint. That shows how the HTTP works.¬†you need to have telnet installed. then connect to http://hax.tor.hu in port 80. then issue the GET command to yield the¬†password.

#this will connect us to hax.tor.hu on port 80
$telnet hax.tor.hu 80
#issue the GET command for the page which will yield the password
GET http://hax.tor.hu/pwfor4/

There you go.

Hax.tor.hu Warm Up Challenge 5

I did take¬†some time to pass this challenge. This challenge is based on hashing. We have a set of ¬†numbers shown which is the hash. We need to brute force the password(Not exactly. There is a captcha to prevent BRUTEforcing). If you type something in the password field, you get a hash of your current input and the exact output needed. I tried only one letter and I got two numbers as the output hash. so a letter has got two numbers as its hash. I thought it’s better to forget the second number. But the second number helped me to identify the number of letters in the word. There must 5 letter according to the number of numbers in the hash.

hax-tor-hu-warmup5

so the letter a->86 222, b->85 222 If the pattern continues we could make a list.

Here is the python script i wrote for the purpose

so we get three letters

d=>83, r=>69, u=>66, wait a minute the next character should have a hash of 89 but 89 is not present in the list. first, I thought of inserting capital letters. that lead me nowhere. So… There must be a change in keys. So I switch the start to 102 (I had an assumption that the word must be drunk because a 5 letter word, 3 letters are uncovered already.¬†So I tried to match¬†u => 89,¬†and the 5th letter became k=>92). There we are u=>89 and k=>92.

finally, the flag was drunk in my case. it may differ to you. anyway, try to find your flag on your own. that’s the whole point, right?

That’s the end of it. Register and start solving real problems.

Programmer, Hacker, Trainor, Speaker, and Blogger. Opensource Lover. Built LeHacker.com.

Leave a reply:

Your email address will not be published.

Site Footer