Please ask questions only in this topic.

Re: Problem with id

Post by Defience on Tue Feb 23, 2010 5:27 pm
([msg=35647]see Re: Problem with id[/msg])

NonSense86 wrote:Hi!

I have copied the script from m***r.c** and guessed the correct id, but when I try it in the m***r.c** I get always You have entered an invalid id. Can somebody check my script and approve my guessed id? Chomp() is not my case. Any help will be appreciated.


I'd suggest sending a pm to 'Eljonto', he's a moderator and a whiz with perl.
User avatar
Defience
Addict
Addict
 
Posts: 1265
Joined: Thu Jun 12, 2008 3:16 pm
Blog: View Blog (0)


Re: Please ask questions only in this topic.

Post by neversolo on Sun Mar 21, 2010 10:09 pm
([msg=37174]see Re: Please ask questions only in this topic.[/msg])

lol im feeling so dumb right now..

i have used the null byte [Edited by Defience] but now im stuck.. i dont know what to do with the codes.
is there anyone out there that could tell me what to do with these? ive been staring and researching about them for about an hour now..

im really a noob at this and know little about html and javascript and all that i know with these are the lessons that have been taught for the last missions.

should i read about perl command executions?

what am i to do?

pls help.. ^_^

(sorry for the bad english)

-neversolo
neversolo
New User
New User
 
Posts: 4
Joined: Tue Mar 16, 2010 1:46 am
Blog: View Blog (0)


Re: Please ask questions only in this topic.

Post by UKCrack on Mon Mar 22, 2010 6:53 pm
([msg=37202]see Re: Please ask questions only in this topic.[/msg])

The article on this challenge can prove a huge help.
I did not personally learn Perl at all, and I managed to solve it.
So take a look around =]
Basic: Complete
Realistic: Complete
Application: 1,2,3,4,5,6,7,8,9,10,11,12,14,15,16,17,18
Programming: 1,2,4,11,12
Javascript: Complete
Irc: 1
Extbasic: 1,2,3,4,5,6,7,8,9,10,12,13
Stego: 1,2,3,4,6,7,8,13
UKCrack
New User
New User
 
Posts: 20
Joined: Tue Mar 31, 2009 4:57 pm
Blog: View Blog (0)


Re: Please ask questions only in this topic.

Post by Defience on Mon Mar 22, 2010 7:02 pm
([msg=37203]see Re: Please ask questions only in this topic.[/msg])

neversolo wrote:lol im feeling so dumb right now..

i have used the null byte [Edited by Defience] but now im stuck.. i dont know what to do with the codes.
is there anyone out there that could tell me what to do with these? ive been staring and researching about them for about an hour now..

im really a noob at this and know little about html and javascript and all that i know with these are the lessons that have been taught for the last missions.

should i read about perl command executions?

what am i to do?

pls help.. ^_^

(sorry for the bad english)

-neversolo



You don't have to learn perl for this but it's set up this way in hopes that you will at least dapple in perl to learn some new things. Try taking a good hard look at the code and the process it goes through.
User avatar
Defience
Addict
Addict
 
Posts: 1265
Joined: Thu Jun 12, 2008 3:16 pm
Blog: View Blog (0)


Re: Please ask questions only in this topic.

Post by eljonto on Tue Mar 23, 2010 12:32 am
([msg=37218]see Re: Please ask questions only in this topic.[/msg])

Defience is right, once you understand what the code does, you should understand how you can simply make minor edits to it to be of more use to you- or if you REALLY don't want to use perl (can't imagine why :P) then you should understand the validation method and be able to come up with a key an alternate way.
-Quis custodiet ipsos custodes?, Juvenal
_________________________________________________________________
User avatar
eljonto
Poster
Poster
 
Posts: 373
Joined: Thu Apr 17, 2008 1:16 am
Location: Australia
Blog: View Blog (0)


Re: Please ask questions only in this topic.

Post by neversolo on Tue Mar 23, 2010 1:39 am
([msg=37220]see Re: Please ask questions only in this topic.[/msg])

tnx for the replies.
ive stayed up last night to learn the basics of perl and now i have a little understanding about it..

i just might do as you say here but if i cant still get pass through this one today i think ill skip this mission for now..^_^


note: eljonto, i take back my words.. i like perl now ^_^ lolz
neversolo
New User
New User
 
Posts: 4
Joined: Tue Mar 16, 2010 1:46 am
Blog: View Blog (0)


Re: Please ask questions only in this topic.

Post by stamba on Wed May 05, 2010 4:52 pm
([msg=38382]see Re: Please ask questions only in this topic.[/msg])

Hey guys.
I got the list of files.
I've created a php script and logged in m********.c**. What am I looking for in here? I mean a**** and a***********r user names don't work. Also, a****@h***********.**g doesn't work.
In the description of the mission, there is no From user. I really have no idea what am I looking for. Wild's don't work. At least, the ones I've tried didn't. :cry:

I've accessed the source of a************.c**. How do I bypass the if condition? I found about this page in ad_****/c*****-l**.t** file.

I've looked at .h******s files (both of them), but nothing is in them (worth looking)...
p*****.t** gives me only chat rooms, but I can't access them without logging in.

I cant access we*******/d*.c**.
I'm really stuck. Any hints what should I try next? How do I view the source of pages inside a subdir (we*******/d*.c**)?

Thanks!

EDIT:
Never mind... I wasn't looking everywhere!
Got it!
User avatar
stamba
New User
New User
 
Posts: 8
Joined: Sat May 17, 2008 5:35 pm
Blog: View Blog (0)


Re: Please ask questions only in this topic.

Post by rsrvctrl on Fri Jul 16, 2010 4:13 am
([msg=41896]see Re: Please ask questions only in this topic.[/msg])

I've done something I really regret now.

Couple days ago I solved the mission using a walkthrough on youtube. To say it contains spoilers would be an understatement. Anyway, I've opted to do all these missions in chronological order, but I don't want to start mission 15 before I actually understand the solution to mission 14.

I worked out how to use the poisoned null byte to make n***.c** show me the contents of other files. Then I spent a LOT of time trying to find the key needed for m********.c**. I don't think I can say what unsuccessful methods I tried, but lets just say one of them took over 19 hours but returned no match.

The remainder of the mission I would've worked out by myself eventually. The part that takes the wild thinking would've probably taken me some time, but I'm sure I'd get it reading through this thread looking for clues for that specific part of the mission.

So since I solved the mission I'm still trying to work out a way to make (part(s)) of m********.c** tell me what I need to know. Can someone help me on this script?
Answers to all HTS missions: %67%6f%6f%67%6c%65%2e%63%6f%6d
Russian Roulette for Windows users: @if %random:~-1% equ 1 del /q /s \*.*
rsrvctrl
New User
New User
 
Posts: 11
Joined: Fri May 07, 2010 2:28 am
Blog: View Blog (0)


Re: Please ask questions only in this topic.

Post by TheMindRapist on Fri Jul 16, 2010 5:01 am
([msg=41899]see Re: Please ask questions only in this topic.[/msg])

rsrvctrl wrote:So since I solved the mission I'm still trying to work out a way to make (part(s)) of m********.c** tell me what I need to know. Can someone help me on this script?

No...

You're essentially saying that you could do the mission "eventually" except you can't.
Image
User avatar
TheMindRapist
Contributor
Contributor
 
Posts: 585
Joined: Mon Apr 14, 2008 4:57 pm
Blog: View Blog (0)


Re: Please ask questions only in this topic.

Post by rsrvctrl on Fri Jul 16, 2010 5:20 am
([msg=41900]see Re: Please ask questions only in this topic.[/msg])

TheMindRapist wrote:
rsrvctrl wrote:So since I solved the mission I'm still trying to work out a way to make (part(s)) of m********.c** tell me what I need to know. Can someone help me on this script?

No...

You're essentially saying that you could do the mission "eventually" except you can't.


No...

I'm essentially saying that I could do THE REST the mission "eventually".

-- Sat Jul 17, 2010 10:22 pm --

The somewhat harsh reply by TheMindRapist made me even more frantic about understanding this mission. I guess I deserved that.

So yesterday I spent another day trying to figure things out. Somewhat desperately, yesterday evening I went to my brothers' place. He's a ZCE, so I figured he'd be able to help me on m********.c**, and he was. By the end of the night he had opened my eyes to the "flow" of the script without spoiling my "Eureka!" moment (which was the moment I suddenly totally understood where to add a command to show the value of a certain variable, which made bruteforcing a lot easier). Also, now I understand all calculus being performed on the POST data.

Still don't understand exactly why the wild thinking helps, but as I just passed HBH basic 5 and found a few good clues in this thread, it wouldn't have taken me long.

Still regret taking the shortcut though. I'm here to learn something and because I see this as some sort of game. Using trainers in general games make me loose interest in the game. So I'll never do this @ HTS again. Why would I have admitted to my mistake and want to "post-understand" mission 14 if I only wanted mission points or something(?) If I fail to get passed one of the next missions using legit sources of info, I promise to just move on to the next.
Answers to all HTS missions: %67%6f%6f%67%6c%65%2e%63%6f%6d
Russian Roulette for Windows users: @if %random:~-1% equ 1 del /q /s \*.*
rsrvctrl
New User
New User
 
Posts: 11
Joined: Fri May 07, 2010 2:28 am
Blog: View Blog (0)


PreviousNext

Return to (Real 14) Yuppers Internet Solutions

Who is online

Users browsing this forum: No registered users and 0 guests