Please ask questions ONLY in this topic.

One of your best friends has reason to believe that his girlfriend has been cheating on him. He thinks that she's been sending emails back and forth with this other guy, but he has no for sure proof. Now it's your turn to show him what a valuable friend you are!

Re: Please ask questions ONLY in this topic.

Post by donod on Tue Dec 15, 2009 8:18 pm

Hi,

So far I am able to edit the c*****.t** file and found out that I need to make a sort of redirection?
I found out the Flash thing accesses a**t.***?&u***=X&p***=Y, which then sends a****=Z.
So to redirect it, I need to do some X file with the u/p arguments which then sends an a*****=t****?
I tried something like this: a**_***=a***.p**&a****d=true//
but it didn't work.
PS: no matter what I try, all the Flash decompilers crash when I try to use them :D


Re: Please ask questions ONLY in this topic.

Post by eljonto on Tue Dec 15, 2009 9:23 pm

The server file is called c*****.***, your user edit overwrites a file called c*****.***, so maybe you could change which c*****.*** file is overwritten? Look up directory traversal, and also look at the path where your c*****.*** file is saved.
-Quis custodiet ipsos custodes?, Juvenal


Re: Please ask questions ONLY in this topic.

Post by donod on Wed Dec 16, 2009 9:50 am

eljonto wrote: The server file is called c*****.***, your user edit overwrites a file called c*****.***, so maybe you could change which c*****.*** file is overwritten? Look up directory traversal, and also look at the path where your c*****.*** file is saved.

I already found the DT thing, but I am blocked at the Flash thing.


Re: Please ask questions ONLY in this topic.

Post by eljonto on Wed Dec 16, 2009 6:19 pm

Ahh, sorry. Well, in that case download Wireshark (Google for it); there's also a link to it in the mission, I think. It's a packet sniffer; you might notice some interesting things when using the login.


Re: Please ask questions ONLY in this topic.

Post by Defience on Wed Dec 16, 2009 6:32 pm

I used Flash Decompiler 2.99 for the last part.


Re: Please ask questions ONLY in this topic.

Post by donod on Wed Dec 16, 2009 8:14 pm

OK, thanks, Flash Decompiler works :)
But I don't understand what to do with it.
What am I supposed to find?

Edit: do I have to change both lines in the file?


Re: Please ask questions ONLY in this topic.

Post by theguyofdoom on Sun Dec 27, 2009 2:03 pm

Ok, I've got to the part where you use a certain form to put certain values in a certain text file :P

But I don't seem to be able to register a user with the right username, since a sl**h is filtered... :oops:

Can anyone give me a hint?

I've tried 0x2*, %2* etc., even UTF-8 %c*%af


Re: Please ask questions ONLY in this topic.

Post by Gnutral on Tue Dec 29, 2009 11:22 pm

theguyofdoom wrote: Ok, I've got to the part where you use a certain form to put certain values in a certain text file :P

But I don't seem to be able to register a user with the right username, since a sl**h is filtered... :oops:

Can anyone give me a hint?

I've tried 0x2*, %2* etc., even UTF-8 %c*%af


That character was filtered because it isn't necessary. Consider the way that the c*****.**t files are saved normally and how you want yours to be saved.


Re: Please ask questions ONLY in this topic.

Post by vagnum on Tue Feb 02, 2010 11:53 pm

This is going to be a long way. After reading through all the answers here I still don't know where to start. What do I have to look for? What is needed for this mission? I completed the Basic Missions, but this seems to be different. Some advice on where to start would be great. I have found the admin login; that's where I am right now.


Re: Please ask questions ONLY in this topic.

Post by eljonto on Thu Feb 04, 2010 12:05 am

vagnum wrote: This is going to be a long way. After reading through all the answers here I still don't know where to start. What do I have to look for? What is needed for this mission? I completed the Basic Missions, but this seems to be different. Some advice on where to start would be great. I have found the admin login; that's where I am right now.

Good, now analyse it, see how it all works, then think up how to get past it.

