YEEEEEEEEEEEEAH!!!

Well, if you want to reveal the answer or how to figure out it, no need to do that. But if you want to share your experience in this level, you are welcome.

No, I don’t want to reveal the answer, that was why I asked for someone (who has already completed it of course) to pm me about it, because I think I done it in quite an awkward way. That being said, there’s no need any more because I just worked out a better way to do it. Love it! I didn’t think I was ever gonna complete that one lol!!!

Then, congrats to you. :D

Just out of curiosity, if I was to (hypothetically speaking of course) try that on another web page, but do absolutely no damage and just look around, would I get caught? If I done from a Tor browser, would ‘they’ really go to much effort to find someone who didn’t even damage the site? Would they even know that I’ve been there?

If you successfully hack any website, it’s their fault for being insecure. Google even offered prizes for hacking. Facebook? Nah, they just don’t care, EVEN if you noticed them some serious bugs.

But be sure and play safe. Some organizations have enough finance/power to arrest someone, you know. ;)

Most probably, because yes you may cause no damage, but the page/site may have “Restricted Information” on there that they don’t want you to know. And also it really depends on the security of the site and what features they have in place to stop/track that.

I think if you succeed to login as an admin on a website with SQL injection, the website isn’t really developed so they may not catch you but I don’t know if it’s illegal…

Hmmm. Tor would help prevent me from getting caught though, right? I know that it wouldn’t do much good if I was trying to hack CIA or something (lol, as if I could) but against smaller websites it might do the trick right?

Lets say someone found your window opened, so he climbed in, had a toor in your house and left.
if you cought him or he got cought on camera… can you file a report on that and the guy can get arrested…
if yes then do not hack into any website/service/application withour prior approval from the owner.

@ADIGA: I agree with your example. However, curiousity is a hacker’s friend. If everyone thought “Well, I don’t have any permission from the website’s owner, I should go out.”, there wouldn’t be “hacker” from the start.

I guess it’s the personal choice to hack or not to hack, right?

Well, think of it in another way, almost 95% of the websites run an open source software or a modded version of it, even if its not free, mostly you can find a trial or a limited edition.

this can help you in another way by learning how to setup your own web and database server, install some softwares/scripts on it, then you can hack them localy as you like…..

make your own training center, and then report the bugs you find to the vendors.

@ADIGA: Your suggestion seems very fine. :D