Hackxor – Web App Hacking Game

Hackxor is a web application hacking game where players must locate and exploit vulnerabilities to progress through the story wherein you play as a blackhat hacker  hired to track down another hacker by any means possible. It contains scripts that are vulnerable to Cross Site Scripting(XSS), Cross Site Request Forgery(CSRF), Structured Query Language Injection (SQLi), Remote Command Injection(RCE), and many more. It’s also a web application running on Fedora 14.

Download & install instructions

  • 1. Download the full version of hackxor (700mb)
  • 2. Install VMWare Player (This involves creating a free account with vmware)
  • 3. Extract hackxor1.7z, run the image using VMware player.
  • 4. Work out what the IP of hackxor is ((try 172.16.93.129)|| logging into the VM with username:root pass:hackxor and typing ifconfig)
  • 5. Configure your hosts file (/etc/hosts on linux) to redirect the following domains to the IP of hackxor: wraithmail, wraithbox, cloaknet, GGHB, hub71, utrack.
  • 6. Browse to http://wraithmail:8080 and login with username:algo password:smurf

 

About the Contributor:
Shipcode is a prolific blogger of ROOTCON and at the same time an InfoSec enthusiast from Cebu. He was inspired to join ROOTCON as part of the core team to share his knowledge in information security.  He encourages other like minded individuals to come forward and share their knowledge through blogging right here at ROOTCON Blog section.
ROOTCON is managed by like minded InfoSec professionals across the Philippines.  All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.

Exploit Research and Development Course

I.C.F is proud to announce of the new official Exploit’s Research and Development course as part of the cyber warfare intelligence program. The workshop is the first out of a total of three courses all from the cyber warfare intelligence program.

About the workshop

Exploit’s Research and Development is the field of finding security vulnerabilities in software, while writing programs and tools to exploit them. This field is very interesting yet requires a lot of technical background and knowledge as a baseline in order to go in depth into.

In this workshop:

  •  We will start from the very basics and learn assembly language programming in order to prepare you for the task ahead.
  • We will learn how to exploit different vulnerabilities and bypass various security mechanisms such as DEP and ASLR.
  • We will conclude by looking at how to integrate our exploit code with frameworks such as Metasploit.

Location: Herzelia, Israel.

For additional information, please contact via email: icf@frogteam.co.il

Download Syllabus