Ideas anyone?!

Re: Ideas anyone?!

Post by tgoe on Fri Nov 15, 2013 2:57 am
([msg=78174]see Re: Ideas anyone?![/msg])

What if the user actually downloaded the mission and had to have a working apache, link it back to the site for mission accomplished etc... Maybe you could do that for the riskier stuff?


It is much easier and more productive to analyze a vuln/exploit/solution publicly, rather than build an inherently limited backend verifier -- IMO.

Maybe mimic(slightly) a site like Hackforums(just an Idea, don't crucify me)


Yep, I think this would be a good move. HTS should primarily be a web forum, do away with imaginary internet points, and stop fapping to IRC.
User avatar
tgoe
Contributor
Contributor
 
Posts: 633
Joined: Sun Sep 28, 2008 2:33 pm
Location: q3dm7
Blog: View Blog (0)


Re: Ideas anyone?!

Post by Strawberry_Kittens on Fri Nov 29, 2013 10:25 pm
([msg=78350]see Re: Ideas anyone?![/msg])

Replace the horrid Java WebIRC client we've got at https://www.hackthissite.org/pages/irc/irc.php.

There are much better clients than there were when this was first added.

QWebIRC - http://qwebirc.org/
Iris - https://github.com/atheme/iris

Those are the main clients that are in-use today and the vast majority of people have replaced the java and cgi ones with these.

They're both basically the same, Iris being a fork of QWebIRC with integration with the Atheme services package.

Edit ::

Also on the subject of IRC, the idlerpg-related stuff needs a bit of love.

Suggestion 1:
- Wipe current stats since it's inactive and the bot isn't even running
- Re-setup the bot
- Restyle the idlerpg page to be more in line with the HTS main page. Follow the HTS skins, etc.

Suggestion 2:
- Create a community-supported project with the aim of rewriting the current perl idlerpg bot because it's a horrid piece of shit. IIRC it was 1,500 - 2,000 lines with minimal commenting.
- Create basic site to display top x amount of users + the 'game map'

Suggestion 3:
- Remove idlerpg all together, nobody uses it anyway.


Edit 2 ::

Also the IRC-related missions are a bit derpy in my opinion. One of them for example has to do with a DCC exploit that has been patched for like 10 years.

Edit 3 ::

I don't think the IRC stats page is actually updating. I spammed it once several years ago and I'm still ranked in the top 10. Silent-Shadow has been missing for years and he's still ranked #2. This page can probably be removed entirely and possibly replaced with some of the Atheme-related stats stuff if this network ever does switch to Atheme.

Also when on http://www.irc.hackthissite.org, clicking the 'irc stats' button will give you a bad referrer error.
Amazon Wishlist - Have I helped you in some way? Thank me by buying something on my wishlist!
Steam Wishlist - I'll play with you if it's a multiplayer game you buy.
Strawberry_Kittens
New User
New User
 
Posts: 19
Joined: Wed Apr 30, 2008 2:35 pm
Location: Hartland, Maine
Blog: View Blog (0)


Re: Ideas anyone?!

Post by calebhk98 on Tue Dec 24, 2013 4:34 pm
([msg=78588]see Re: Ideas anyone?![/msg])

If you need to have any software make it avaiable on the site so we can trust it and be sure to be able to do all the missions.
calebhk98
New User
New User
 
Posts: 2
Joined: Tue Dec 24, 2013 4:10 pm
Blog: View Blog (0)


Re: Ideas anyone?!

Post by Strawberry_Kittens on Tue Dec 24, 2013 11:56 pm
([msg=78591]see Re: Ideas anyone?![/msg])

calebhk98 wrote:If you need to have any software make it avaiable on the site so we can trust it and be sure to be able to do all the missions.

What kind of software do you need that might be 'untrusted'? Usually a simple google search can find if something is legitimate or not.
Amazon Wishlist - Have I helped you in some way? Thank me by buying something on my wishlist!
Steam Wishlist - I'll play with you if it's a multiplayer game you buy.
Strawberry_Kittens
New User
New User
 
Posts: 19
Joined: Wed Apr 30, 2008 2:35 pm
Location: Hartland, Maine
Blog: View Blog (0)


Re: Ideas anyone?!

Post by M00rlicious on Tue Dec 31, 2013 3:39 pm
([msg=78675]see Re: Ideas anyone?![/msg])

fashizzlepop wrote:BUMPPPPPPP


Also, if you find dead links, bad content, or weird, outdated stuff, post it here!!!

If anyone is willing to go through the Useful Stuff page and find newer, updated material to replace some of the tools there, it would be much appreciated.


I have contacted mShred about this through IRC, but I guess this is the official way to do it:

1. https://www.hackthissite.org/pages/info/guide/#org (needs a major update)
2. https://www.hackthissite.org/pages/info/staffcharter (needs a major update
3. https://www.hackthissite.org/pages/info ... nizing.php (dead)

Also a suggestion on the Hall of Fame:

As it stands right now you only get a place on the HoF if you have found a vulnerability or a exploit that can potentially give site administration major headache. I don't find this system doing justice to people who have been here around for many years working their ass off maintaining the forum, coding missions, the overall working of the website or taking HTS to a whole different level, but don't have the time and/or interest to participate in missions and discovering vulnerabilities.

Giving credit where credit is due, works better than japanese glue and helps HTS community grow and survive through.

I wish you all a good and fruitfull 2014.

M00r

P.s. So what I'm suggesting is giving people who belong to the previously mentioned groups also a place on the HoF. You could do this by appointing a couple of members, organizing a council/workgroup and let them decide who deserves a spot in the HoF and what a person has to do before being considered a place there.
M00rlicious
New User
New User
 
Posts: 17
Joined: Mon Dec 23, 2013 7:25 pm
Blog: View Blog (0)


Re: Ideas anyone?!

Post by fashizzlepop on Tue Dec 31, 2013 10:03 pm
([msg=78681]see Re: Ideas anyone?![/msg])

Thanks M00r, great suggestions. Will definitely look into these.
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.
User avatar
fashizzlepop
Developer
Developer
 
Posts: 2303
Joined: Sat May 24, 2008 1:20 pm
Blog: View Blog (0)


Re: Ideas anyone?!

Post by xKpk on Tue Jan 14, 2014 7:46 pm
([msg=78943]see Re: Ideas anyone?![/msg])

hellow533 wrote:How about mission-like interactive tutorials. I've suggested this multiple times now, it would dramatically boost the website's new user knowledge, cut back on "how to hack" threads, and boost activity because people will actually try to learn for once. Sure it would take a while, but once you cover multiple fields people will be swarming. I'm thinking a good 50+ tutorials as well, going from basic to advanced. Include program interfaces, such as a fake linux box or Cain to sniff out fake packets.

I'll even help develop missions (when I have time) if need be. I'm willing to help, let's just get the ball rolling on this.


I highly agree with this.
xKpk
New User
New User
 
Posts: 2
Joined: Tue Jan 14, 2014 7:41 pm
Blog: View Blog (0)


Re: Ideas anyone?!

Post by jgr on Tue Jan 14, 2014 10:02 pm
([msg=78947]see Re: Ideas anyone?![/msg])

hellow533 wrote:How about mission-like interactive tutorials


Wells had done this years ago on hakdissitelol (unsure about spelling) but the idea was never adopted. Much dissapoint.

My main issue has always been the need for massive overhaul on user interface and accessibility, to list a few issues:

Interface: The text on the site is far too small and barely readable due to the lack of contrast, i've had to switch to the old white and green theme (which looks awful) just to read things. Most of the pages are inconsistent, I understand that most of it has been slotted in by various devs over time but there is no general consistency, it is like a community mural.

Navigation: A massive pain. There's this one huge center aligned (so ugly) list to the left which requires you to "hunt" for what you want (made worse by the font size and color) and most pages you travel to are incomplete, for eg. profile settings contains no link to avatar editing which is instead buried under "profile", it should be combined into the one page.

Accounts: imo recreate the entire thing, an account on HTS should give you mission, forum and irc access. Trying to glue accounts together in 3 separate domains is just wrong...

EDIT: here is an exmaple mission from Wells' hakdissitelol http://web.archive.org/web/20100902034027/http://www.hakdissitelol.org/basics/postvar unfortunately only two of the missions were archived and none of the layout and design.

Also, his post about it: https://www.hackthissite.org/forums/viewtopic.php?f=9&t=6608&start=20#p52422
User avatar
jgr
New User
New User
 
Posts: 4
Joined: Wed Nov 14, 2012 3:01 am
Blog: View Blog (0)


Re: Ideas anyone?!

Post by fashizzlepop on Tue Jan 14, 2014 11:51 pm
([msg=78950]see Re: Ideas anyone?![/msg])

The specifics of Wells' post:
So yeah, the content. We need a whole new set of basic missions. These should actually be educational and teach you what you need to know before you do the mission itself. They should not require registration. I made a website called http://www.hakdissitelol.org as a proof of concept of what I thought the missions should be like. That url is now inactive but I have uploaded a copy to wired's shell account here: http://wired.rootedker.nl/

We want hackthissite to be the landing page for a search like "What is SQL injection". And not only do we teach the user exactly what it is, we let them try it out themselves.

Forcing registration on the site is a huge barrier to entry. And the fact the basic missions suck so hard and don't actually teach you anything is a big problem.

Personally I think HTS needs to drop the political underground bullshit and just focus on educating and teaching people about various security and hacking-related topics in a fun and engaging way.


I agree about adding pages/missions that should answer the questions like "What is SQL Injection?" etc. This is a great idea.

The outdatedness of the missions is well know as well as the poor site UX. Trust me when I say, we're actively working on it.
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.
User avatar
fashizzlepop
Developer
Developer
 
Posts: 2303
Joined: Sat May 24, 2008 1:20 pm
Blog: View Blog (0)


Re: Ideas anyone?!

Post by calebhk98 on Sat Feb 22, 2014 11:37 pm
([msg=79597]see Re: Ideas anyone?![/msg])

What about learning levels for newbies? Where it is before basic and teaches how to do it instead of letting you see how well you are and if you have the know how? That way people will swarm in and let you get a lot more donations. Also .org is supposed to be for teaching sites and this pretty much just test you.
calebhk98
New User
New User
 
Posts: 2
Joined: Tue Dec 24, 2013 4:10 pm
Blog: View Blog (0)


PreviousNext

Return to General design

Who is online

Users browsing this forum: No registered users and 0 guests