Page 1 of 8

The New EstBasic 10

PostPosted: Mon Nov 10, 2008 11:31 pm
by anonHacker
Well, good luck with it.

Me and mutants_r_us_guild designed extbasics 10 and 11.

Re: The New EstBasic 10

PostPosted: Tue Nov 11, 2008 12:04 am
by xelix
Don't really like them, as they aren't much of a coding review. But an overall challenge, yes. Thanks for the submissions.

Re: The New EstBasic 10

PostPosted: Tue Nov 11, 2008 1:10 am
by anonHacker
xelix wrote:Don't really like them, as they aren't much of a coding review. But an overall challenge, yes. Thanks for the submissions.

True, I feel the same way about it.

There are a lot of things that are wrong with the very idea of batch scripting for security.

Re: The New EstBasic 10

PostPosted: Tue Nov 11, 2008 1:36 am
by xelix
anonHacker wrote:
xelix wrote:Don't really like them, as they aren't much of a coding review. But an overall challenge, yes. Thanks for the submissions.

True, I feel the same way about it.

There are a lot of things that are wrong with the very idea of batch scripting for security.


Exactly. I do however like the concept. I would have never suggested such a thing, so it comes to my surprise that such has been implemented in a good way.

Re: The New EstBasic 10

PostPosted: Tue Nov 11, 2008 4:58 am
by SpiderDude
i think this mission is broken
i solved extbasic 11 in a second, and i have considered the changes in script between 11 and 10, but it will not work

:P
Broken?

Re: The New EstBasic 10

PostPosted: Tue Nov 11, 2008 5:09 am
by anonHacker
SpiderDude wrote:i think this mission is broken
i solved extbasic 11 in a second, and i have considered the changes in script between 11 and 10, but it will not work

:P
Broken?

Not anymore, I think.

Re: The New EstBasic 10

PostPosted: Wed Nov 19, 2008 8:42 pm
by mutants_r_us_guild
xelix wrote:Don't really like them, as they aren't much of a coding review. But an overall challenge, yes. Thanks for the submissions.



It's still code review.. just not practical code review. There is an injection vuln in the script, however batch has no form of sanitation as far as I know. So it's not so much a vuln, but rather a overall flaw in the scripting language itself. However, it does teach you to read and comprehend some pretty complex batch scripting, which I find to be highly over-looked and underestimated. You don't always have a compiler for you language of choice on hand, but with batch scripting, all you need is notepad. ;)
Quite handy if I do say so myself.

Re: The New EstBasic 10

PostPosted: Wed Nov 19, 2008 9:14 pm
by xelix
mutants_r_us_guild wrote:
xelix wrote:Don't really like them, as they aren't much of a coding review. But an overall challenge, yes. Thanks for the submissions.



It's still code review.. just not practical code review. There is an injection vuln in the script, however batch has no form of sanitation as far as I know. So it's not so much a vuln, but rather a overall flaw in the scripting language itself. However, it does teach you to read and comprehend some pretty complex batch scripting, which I find to be highly over-looked and underestimated. You don't always have a compiler for you language of choice on hand, but with batch scripting, all you need is notepad. ;)
Quite handy if I do say so myself.


Well, I've finished both of them. The first was still not much of a coding review, but rather looks like something the developer forgot to add, or didn't bother fixing. I also wouldn't call it complex, I'd rather term it as weird :)

The second took a matter of seconds with C, and PHP both. Really all there was to it was the need to check a few things, no real /programming/ was needed as implied.

They're still good challenges, I'm sure a lot of people will spend some time on them.

Re: The New EstBasic 10

PostPosted: Fri Nov 28, 2008 10:27 am
by psmak
Hmmm, I copy/pasted the code into a bat file and played around a bit with injection until I got the heart warming "You have been authenticated. Welcome aboard!". However, posting my solution resulted in nothing, regardless of capitilization. I tried a few variations, which all work with the bat file, but none are accepted as The Right Answer. Any hints on the format that will actually give me some points? :)

Re: The New EstBasic 10

PostPosted: Sun Nov 30, 2008 12:01 am
by mutants_r_us_guild
pm me with your answer and Ill talk to anonhacker and comperr/another dev to see if a secondary method can be implemented. This is assuming your code works and is valid syntax.