Please ask questions ONLY in this topic.

[sinewave]

I've got the same problem, but my user agent is ok ...

I'm logged to the admin page, modified the url, and always get 'begone vile fiend'.

Am I missing a step ?

[dmarburgg]

i don't know about the privilege escalation, user agent or cookie stealer for this mission.

i just completed it without any of these.

in the final steps all i did was log in with one of the accounts i got from the db and altered the URL to get what i needed.

it was a little frustrating as i spent a while using inline java trying to edit the radio buttons when all i had to do was alter the URL lol

javascript:alert(document.body.childNodes[1].childNodes[0].childNodes[0].childNodes[0].childNodes[4].childNodes[20].innerHTML='<input name="file" value="************" type="radio">space')

[Theist17]

Okay, I got a list of .gif's and a few other things, but I have no idea what to do with them. Drop me a PM with hints, unless others are having the same brain cell deficiency as me.

Edit: How stupid of me!

I totally should have thought of actually using them outside of PERL!

[Liquid_Obsidian]

Hello all...
Found my way to the RWradio thingy.
My prob is how to escakate my privileges to mod/adm
tried mascarading the edit form in all way that came to my mind (specially added a level input)/with and without beeing logged in, furnishing false id input & id url param (and not giving any) and blah blah blah
found out about the mod adding page (unsuccessfull as you can guess...)
could someone gimme a little hint about this ?

Thnks

[desiredtoe]

I got to the mod section, and where it asks to input an sqlite query command or something?
I'm not sure what to do there, I tried using SQL injections, but don't I need the table names for that?
Please help if you can. :c

[SpiderDude]

i got the db, the mod account(wonder****) and i got the radio thing

But what do i do now?!

i found the space64/src.tar.gz directory but it wont let me access it
im not even sure i need that dir
When i type the dir with the /var/ it says FAILED TO OPEN
when i remove the /var/ it says Access Denied

i searched the cookies and i didnt find the cookie that prevents the access and i tried several JS injections, nothing seems to work



What do i do guys? im stuck!

[desiredtoe]

Hey, I'm at the SQLite part, and I found the radio's table that held the data of their users and news and ect.
Now, in the source I see that it is getting me the info from the radio's database, so am I supposed to change it so that it gets me the info I need from the budget serve's database?
If so, I know their database name from the piping, but when I put in their database name instead of the radio's, it still wont work. I tried using directory transversal and everything, and hint or point me in the right direction?

Any help would be appreciated thanks. (:

[godofcereal]

ok iv been stuck on this last bit for awhile now
i have changed the url to blah
but it still wont bloody work.
any clues?

Nevermind got it done. And broke my toe thanks to it.

[SpiderDude]

aww cmon this is just not fair
i have the correct url, but it says Failed to open, and sometimes it says Access denied
when i download the files without the src.tar.gz in the url, and only with the space46 it gives me a file to download, but the mission isnt completed...

Nines....Please....HELP

[desiredtoe]

I need a bit of help on this, mostly on what I wrote before, please pm me, I wanna get this mission over.
Any help is appreciated, thanks~