Please ask questions in this topic ONLY

Re: Please ask questions in this topic ONLY

Post by pyroc0w on Sat Jun 05, 2010 6:49 pm
([msg=39574]see Re: Please ask questions in this topic ONLY[/msg])

Yeah, the guestbook ruined the challenge for me. :|
pyroc0w
New User
New User
 
Posts: 1
Joined: Tue Jun 10, 2008 12:24 pm
Blog: View Blog (0)


Re: Please ask questions in this topic ONLY

Post by themagicpickle on Tue Jun 15, 2010 12:15 am
([msg=40085]see Re: Please ask questions in this topic ONLY[/msg])

The guestbook ruined the challenge for me as well. I had already figured out how to find the directory structure before I saw the guestbook, so loading it up without frames and checking the source did nothing for me. I still have no idea where to find the password, other than the guestbook. If this were "realistic," the username and password wouldn't be stored on some kid's webpage.
themagicpickle
New User
New User
 
Posts: 3
Joined: Tue Jun 08, 2010 12:25 am
Blog: View Blog (0)


Re: Please ask questions in this topic ONLY

Post by msbachman on Tue Jun 15, 2010 1:58 am
([msg=40090]see Re: Please ask questions in this topic ONLY[/msg])

themagicpickle wrote: If this were "realistic," the username and password wouldn't be stored on some kid's webpage.


Hopefully not, lol.
"I'm going to get into your sister. I'm going to get my hands on your daughter."
~Gatito
User avatar
msbachman
Contributor
Contributor
 
Posts: 681
Joined: Mon Jan 12, 2009 10:22 pm
Location: In the sky lol
Blog: View Blog (0)


Re: Please ask questions in this topic ONLY

Post by footyfrak on Tue Jun 22, 2010 5:32 pm
([msg=40609]see Re: Please ask questions in this topic ONLY[/msg])

Question: How did you know that you must use this file:/C:// (How and where did you learn that) ? This challenge is very interesting and good and tremendously difficult because almost no one will finish it without legal spoiler (file:/C://) which is set on forums. For me that is a spoiler, and with it challenge becomes very easy. Without it I will never finish this mission. But the point is to learn, and i didnt learned why to use file:/C:// and there is no explanation why (or to figure out how and why). I just saw on forums(when i got stucked) that you should try this command - file:/C:// . I guess that is because server is on Win95, and that information tells you that you cen use spoken code. Please, we need a tutorial on this, or somethink like that (like, how proxy servers get files). Thank you!

DarkLeGenD on page 5 ask almost the same, but the answer he got, i think, is not enough. :D :oops:

Proposal: Please, if you can, write a script that will remove all spoilers from guestbook.txt because that file ruined the challenge. Just look into the guestbook messages, there's all kinds of spoilers, pass, username, URL of LogIn page, everything you need. Someone who is bored put that there and someone who first tries to solve the mission get to gustbook and he maybe put some injections and saw something like, pass is this and username is this, he maybe even think, wow injection worked. :mrgreen:

Question for Admins and Moderators: Who has made this challenge? I'm just curious because at the Student Work page there is a student with name Snezana Antic. It is a typical Serbian name and I am from Serbia too :D and thats why I am wondering and I hope you understand me. Well I guess, this challenge is one of the older (because the server that runs on Win95 :D ) and, as i know, the (one of the) founder(s) of HTS is Jeremy Hammond who lives in Chicago and the accident still lives there half a million Serbs. So, maybe, Snezana Antic was his girlfriend from school, or just a good friend. On Snezana's page there is: Im a goth (duh). And the word "duh" means spirit, and there is a link to his (cyber) boyfriend Nolan Ethix. But nevermind that, maybe it's all just a coincidence, but its not impossible that the creator of this challenge once met Serbian girl in Chicago :P . Of the ten million Serbs in the world, nearly half a million lives in Chicago. Original name should be written like this Snežana Antić
Code: Select all
Snežana Antić
. Maybe you fix her page 8-) :lol: . She really loves dark, she was...
footyfrak
New User
New User
 
Posts: 17
Joined: Sun Mar 01, 2009 4:18 pm
Blog: View Blog (0)


Re: Please ask questions in this topic ONLY

Post by xavier_robin on Wed Jun 23, 2010 7:51 am
([msg=40650]see Re: Please ask questions in this topic ONLY[/msg])

Trying to solve it without the guestbook spoiler. I found the admin password file, but:
You're on the right track, but the password doesn't lie here.
:(
I can also display the source code of the guestbook and the other perl files. I'm nearly sure I can access the password file from here, but the two characters needed for directory traversal are forbidden by the script… I tried encoding them, but it's not better. Any hint to solve that?

Edit: oooh, that was soooooooooooooooo obvious from where I was :o I don't know how I could miss that! :oops: Why do I always look for the difficult solution? :lol: (feeling a little bit ashamed.)
xavier_robin
New User
New User
 
Posts: 4
Joined: Mon Jun 14, 2010 7:57 am
Blog: View Blog (0)


Re: Please ask questions in this topic ONLY

Post by OnlyHuman on Wed Jun 23, 2010 8:20 am
([msg=40652]see Re: Please ask questions in this topic ONLY[/msg])

Directory traversal won't be necessary. Retrace your steps. Fully examine all of the directories you were able to view when you found that password file you're talking about. The file you need to see via the guest book, is actually the form action of a another file. One that you'll be able to get to, with very little trouble.

EDIT

Nevermind, I just saw that you solved it. Good job!
OnlyHuman
Poster
Poster
 
Posts: 191
Joined: Sat Aug 22, 2009 1:37 am
Blog: View Blog (0)


Re: Please ask questions in this topic ONLY

Post by d00ff00 on Mon Jul 05, 2010 11:03 pm
([msg=41314]see Re: Please ask questions in this topic ONLY[/msg])

just finished this, the real way.

the important thing once you find the a**** p**** is to realize how the g****b*** is displayed - the real page you are seeing is not internet.pl.

when you check the url or info of the frame, the solution becomes obvious.
d00ff00
New User
New User
 
Posts: 1
Joined: Sun Sep 14, 2008 8:29 am
Blog: View Blog (0)


Re: Please ask questions in this topic ONLY

Post by KavalE on Mon Aug 23, 2010 7:58 pm
([msg=44173]see Re: Please ask questions in this topic ONLY[/msg])

Oh man, this one is so funny.
Remind me of this site http://wonder-tonic.com/geocitiesizer/
KavalE
New User
New User
 
Posts: 4
Joined: Thu Jun 24, 2010 1:04 am
Blog: View Blog (0)


Re: Please ask questions in this topic ONLY

Post by smartmalk on Sat Sep 11, 2010 1:31 pm
([msg=45515]see Re: Please ask questions in this topic ONLY[/msg])

LMAO omg this is probably the funniest challenge I've ever done. I can't believe i spent so much time browsing that stupid win95 directory :cry:
smartmalk
New User
New User
 
Posts: 6
Joined: Sat Apr 03, 2010 2:19 pm
Blog: View Blog (0)


Re: Please ask questions in this topic ONLY

Post by TheOracle12 on Mon Oct 18, 2010 10:38 am
([msg=47723]see Re: Please ask questions in this topic ONLY[/msg])

Can anyone tell me the right way to complete this challenge I already completed... used the guest book... but I would like to learn how to do whatever it takes to complete this.
TheOracle12
New User
New User
 
Posts: 1
Joined: Sun Oct 17, 2010 11:39 pm
Blog: View Blog (0)


PreviousNext

Return to (Real 12) Heartland School District

Who is online

Users browsing this forum: No registered users and 0 guests