Basic Mission 11

[-Ninjex-]

Nice try, but this mission DOES require brute force.

You are wrong. Please don't post false information on how to solve a mission on the forums help topic. You are going to confuse people.

To anyone that views this in the future, bruteforce is not required at all.

[facelessman26]

Firefly. Don't be like Sam.
Look man I joined yesterday, i know nothing about hacking, or programming, and I finished all the basic missions in a matter of hours.
Trust me, I promise you, you do NOT need to brute force the password. I'd say this mission is easier than 8 because I knew nothing about Apache. Thats not a hint though. You use what you learned from all the previous missions but mission 11 separate from the others.
The clues are all here in this forum. And for crying out loud haven't you learned anything about using the internet to the fullest extent? If you just can't figure out how to go about solving this mission then you should search for help.
Lets recap.
Sam is a total Dumbass. I'm surprised he even got his music site to run.
Now we know websites are structured much like anything else on computers.
This guy sam throws song titles at you on every refresh. Perhaps they have something in common? although its just a minor clue not really too helpful.
The password login, page if you guessed it, is really the Last place you need to be. SInce you don't know the password maybe you can find it like in the other missions. hint there. what did all the previous missions have in common? the password was stored somewhere. In a file. You want to try to find it just like the previous missions.
That said and as its been said before learning your ABCs all over again couldn't hurt. Even if you graduated from high school.
I'm just trying to point you in the right Direction here.
And you know thatb this is an Apache site and apache stores its password login information in a certain file. this file is very important its the one your after. And you should learn about this file by searching and reading the internet about it. links are in this forum and the type of file is even mentioned in name (even the asterisks are gone) you just have to look for it.
From there its quite just a matter of seeking. I'm pointing you in the Direction you need to go in with a big ass sign.

you dont need to brute force this BASIC mission. and those capital letters have nothing to do with the programming language called basic, the letters are capitalized for emphasis of how basic the mission is. You are trying way too hard on a really dumb and lazy target.

[f1r3fly_s3r3n1ty]

You are wrong. Please don't post false information on how to solve a mission on the forums help topic. You are going to confuse people.

To anyone that views this in the future, bruteforce is not required at all.

Firefly. Don't be like Sam...

Wow, I can't tell if you guys are newbs or if you're just stupid...perhaps a little of both.

I'll assume you know what an algorithm is. Here is a basic one for brute force:
gen (P): generate a candidate solution for P.
valid (P, c): check whether candidate c is a solution for P.
output (P, c): use the solution c of P as appropriate to the application.

Let's apply this algorithm to the situation. This might be difficult for you but try to follow along...
The Problem (P) is we don't know the directory structure of the site, so let's start by generating a candidate name (c). How 'bout "John." Now, we check if "John" is a directory. If it is, great! If not, generate another candidate and keep going. You just applied brute force.

Automating this process can yield the correct structure in less than 30 seconds, even if we don't apply heuristics when generating candidates. Take it as you may, but brute force is still used to solve the mission.

"Learn your ABC's..."

[cberg22]

I'm fairly sure that what f1r3fly is saying is that it requires guess and check, which is essentially what brute force is but on a much smaller scale since each guess is an educated one and you're likely to get it right soon enough. Correct me if I assumed anything wrong...

[facelessman26]

Yes, by the definition:

Brute Force
Proof by exhaustion, also known as proof by cases, perfect induction, or the brute force method, is a method of mathematical proof in which the statement to be proved is split into a finite number of cases and each case is checked to see if the proposition in question holds.[1] A proof by exhaustion contains two stages:

1. A proof that the cases are exhaustive; i.e., that each instance of the statement to be proved matches the conditions of (at least) one of the cases.
2. A proof of each of the cases.

(Source Wikipedia)

If you exhaust yourself by guessing what the directory structure is then you are trying way too hard.

My ABCs:
a b c d e f g h i j k l m n o p q r s t u v w x y z
Now i've sung my ABCs, next time won't you sing with me?

[conscience]

You are wrong. Please don't post false information on how to solve a mission on the forums help topic. You are going to confuse people.

To anyone that views this in the future, bruteforce is not required at all.

Firefly. Don't be like Sam...

Wow, I can't tell if you guys are newbs or if you're just stupid...perhaps a little of both.

I'll assume you know what an algorithm is. Here is a basic one for brute force:
gen (P): generate a candidate solution for P.
valid (P, c): check whether candidate c is a solution for P.
output (P, c): use the solution c of P as appropriate to the application.

Let's apply this algorithm to the situation. This might be difficult for you but try to follow along...
The Problem (P) is we don't know the directory structure of the site, so let's start by generating a candidate name (c). How 'bout "John." Now, we check if "John" is a directory. If it is, great! If not, generate another candidate and keep going. You just applied brute force.

Automating this process can yield the correct structure in less than 30 seconds, even if we don't apply heuristics when generating candidates. Take it as you may, but brute force is still used to solve the mission.

"Learn your ABC's..."

Stop trolling, mate!
And also, please do not misinform our newcomers.
Once again, I tell ya: Brute force is NOT required for this mission at all.
The above may vaguely cover BF, however, it is definitely not the correct way of solving the challenge.

[-Ninjex-]

Wow, I can't tell if you guys are newbs or if you're just stupid...perhaps a little of both.

https://www.hackthissite.org/user/view/-Ninjex-/

Yeah, I am a fucking noob dude...
I will not bite my tongue with you, since you want to call me a stupid noob...
To continue, yes it is possible to build a programming to scan the directories, of course, which != brute-forcing.
Which means that there is no brute-forcing involved you fucking idiot. To be able to Brute-force something, you need some type of encrypted data... Encryption is defined as converting data or information into code. That was not done anywhere in this challenge. I don't see how you are still babbling on with your totally false fucking theory. You, my friend are the one that sound like a complete fucking retard/noob.

Please, do me a favor and just stay off of the forums until you can actually learn your facts and what the fuck to type.

[wizd00m]

I got to the .h****** page with the D*A***** and the text file message is just some apache directive that restricts and allows access. CONFUSED AS HELL. helpppp

[wizd00m]

I got to the .h****** page with the D*A***** and the text file message is just some apache directive that restricts and allows access. CONFUSED AS HELL. helpppp

from my understand the .h******* will not be granted acccess to the server but i don't get how this information is of any use to me.

[wizd00m]

Ok i got the answer. This was extremely misleading as i was in the .h****** text file looking for the password there when in actuality it was somewhere completely different. As soon as i got to where i needed to be the answer was found extremely easily.

Hint to others don't think your done when you've uncovered the mysterious apache .h***** file there is still another file to look for, then and there is where you will find what you are looking for.