Please ask questions ONLY in this topic.

Re: Please ask questions ONLY in this topic.

Post by fashizzlepop on Sun Jun 26, 2011 12:58 am
([msg=59038]see Re: Please ask questions ONLY in this topic.[/msg])

TIL JTR auto detects the hash type.

I can't remember the type exactly from this challenge. If you PM me the hash I can try enlightening you.
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.
User avatar
fashizzlepop
Developer
Developer
 
Posts: 2303
Joined: Sat May 24, 2008 1:20 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by dan83 on Wed Jul 27, 2011 1:27 pm
([msg=60195]see Re: Please ask questions ONLY in this topic.[/msg])

bah, I can't find the .htpasswd file, can someone confirm if it's in the /a**** directory? I've tried many variations and different directories using the script. Can someone just tell me if it should be at the above location? Much appreciated :)
dan83
New User
New User
 
Posts: 1
Joined: Sun Apr 03, 2011 4:36 am
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by Wideload on Fri Aug 26, 2011 12:56 pm
([msg=61224]see Re: Please ask questions ONLY in this topic.[/msg])

MrZypher wrote:EDIT: I swear, I'm going to jump off my roof right now. I had the right place in the first five minutes, but I had a spelling error. As usual, the whole thing is about a million times less complicated than I imagine it must be. To those who had trouble where I did, there should be very little guessing as to the location of the file. You can track down the location based on what you can find within the website. Links to other websites posted so far are useful for understanding what you need to find, but not really where you need to find it. Don't do what I did and try to use them to figure out the file location, or you'll spend hours going no where. I don't think this is too spoilerific. I'm just trying to separate some ideas from one another and remove some misconceptions about the problem that I developed when I was reading this thread.


It seems to me that the biggest hint is "find out where the file= gets the files from". Well, by typing http://www.hackthissite.org/missions/realistic/7/war.txt I learnt that it is "getting" the information from the route/parent directory. If that is the case, then one can assume that you need to go up one level and you can go from there. However, MrZypher, whom I quoted, said that "there should be very little guessing as to the location of the [.h....] file" and that "You can track down the location based on what you can find within the website". The only index that I can find is that of the i***** directory, which seems to be of no help, as there are no other directories that can help.

I know that sounds like I'm just thinking aloud, but what I'm really asking is how do you know where to find the file? Like MrZypher previously said, there seems to be no common or logical file path to try, and I can't work it out from what I can find. I hope I'm not being blond, and I really hate to repeat what others have already ask, but I've gone through all 23 pages of this thread and can't quite find what I'm looking for. Any assistance would be fantastic and if you need any clarification on my ramblings then I'd be happy to oblige.
Courage is the art of being the only one who knows you're scared to death.
- Harold Wilson (1916 - 1995)
User avatar
Wideload
New User
New User
 
Posts: 1
Joined: Fri Aug 26, 2011 12:07 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by limdis on Wed Sep 28, 2011 9:19 pm
([msg=61940]see Re: Please ask questions ONLY in this topic.[/msg])

Wow this was a real bitch! Not because it was hard but because of all the little mistakes you can make. For some reason things played out a bit differently for me than from what I was reading through the forum (yeah I went through all 23 pages). There are enough tutorials posted here to walk right into this challenge with no background knowledge of what you are doing and you can figure it out. But if you are still stuck, here is what was different for me:

Step 1 - Getting the Hash
I knew WHERE it was and HOW to get it. (if you don't - go back through the forums) But I never got a broken pic image or anything to indicate I was right. I would get things like, "You Can't View That File" or "please do not try to open image files" or "The specified file does not exist." If you see any of these you can be either really close or waaay off. I was able to duplicate all of those messages with a multitude of URL configurations and php commands not used or needed for this challenge. Now I'm not going to tell you exactly but if while you are searching for the hash and you get something other than those listed above, and you are certain you are in the right spot, you ARE VERY CLOSE. Just remember the source.

Step 2 - Time for JTR
I personally used backtrack 5, booted off a USB drive. Either way you choose to do it the biggest problem I saw going through the forums was the formatting. Don't let what the hash looks like through you off, you don't need to change anything. Just remember to use the WHOLE thing when you make your .txt file.

If anyone else is using backtrack and need some help with navigation, feel free to PM me.
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."
User avatar
limdis
Moderator
Moderator
 
Posts: 1414
Joined: Mon Jun 28, 2010 5:45 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by ElectroPlasma on Sat Nov 05, 2011 6:28 pm
([msg=62818]see Re: Please ask questions ONLY in this topic.[/msg])

I've read all about Apache etc., tried many variations of stuff within the showimages.php function, and I still can't figure out where that bloody file is. If I use ../ at all I get "you can't view that file," and anything else just says that file doesn't exist. If it ends in .jpg, it says "please do not try to view image files." I really am stuck. How are you supposed to know where to look for this file?

-EP
ElectroPlasma
New User
New User
 
Posts: 21
Joined: Mon Nov 01, 2010 2:14 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by holdinbanks on Sun Jan 15, 2012 12:59 pm
([msg=63700]see Re: Please ask questions ONLY in this topic.[/msg])

is this mission still down? images aren't showing up where they should, and instead it reads specified file does not exist.
holdinbanks
New User
New User
 
Posts: 2
Joined: Sat Jan 14, 2012 11:41 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by cyberdrain on Mon Jan 23, 2012 6:57 am
([msg=63835]see Re: Please ask questions ONLY in this topic.[/msg])

holdinbanks wrote:is this mission still down? images aren't showing up where they should, and instead it reads specified file does not exist.


Either they fixed it or it was only a problem on your part, the mission is looking good from here.
Free your mind / Think clearly
User avatar
cyberdrain
Addict
Addict
 
Posts: 1350
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by wolv3rin3 on Mon Feb 06, 2012 10:40 pm
([msg=64160]see Re: Please ask questions ONLY in this topic.[/msg])

This mission don't work on FireFox to me. The browser should get the image from the .htpasswd file but it doesn't (It loaded the page, but couldn't downloading the .jpg file with the hash).
However, I tried with Chrome and the broken image appears with the hash.

Maybe, my mozilla is wrong :(
wolv3rin3
New User
New User
 
Posts: 8
Joined: Sat Feb 04, 2012 2:52 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by piex17 on Wed Feb 08, 2012 9:21 am
([msg=64201]see Re: Please ask questions ONLY in this topic.[/msg])

So... I found the hash and cracked it, but how do I find the username?

EDIT: Nevermind I figured it out.
piex17
New User
New User
 
Posts: 4
Joined: Sat Jan 21, 2012 9:49 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by strongard on Wed Feb 22, 2012 11:40 pm
([msg=64560]see Re: Please ask questions ONLY in this topic.[/msg])

I can not find the .htpasswd file , I only found the admin file that wants "username" "password"I try everything I learned I red all the links in the forum and others , I tried all the possibilities , more than 85 url command i red the source , examined it , analyse it , used google but no result it says " you can not view this file"
or "the file you specified does not exist2 or "please do not try to open image file" I need help and a push in the good direction..( the hints in the forum are all about how to crack the hash but not how to find it ALTHOUGH finding the hash IS A LOT MORE DIFFICULT AND COMPLICATED THAN craking it
this is what makes me wonders that people who pretends finding the hash without being able to crack it are cheaters and go to see half of the answer for this challenge in hts mission or you tube or articles which talk about this mission)

please help in how to find the htpasswd and do not tell that I want to answer or I want to be spoonfed because I have been more than 4 days trying hard to find the htpasswd with no result this regardless the hundred of articles and links in the forum I red
as you can see , a lot of people like me are stuck in how we need to find the hash file
so help for us please and not only how to crack the hash

-- Sat Feb 25, 2012 9:17 pm --

hello , for 2 days I did not get an answer for my question
I need help in this challenge
and thanks
strongard
New User
New User
 
Posts: 30
Joined: Wed Feb 08, 2012 12:56 am
Blog: View Blog (0)


PreviousNext

Return to (Real 7) What's Right For America

Who is online

Users browsing this forum: No registered users and 0 guests