Grump .... stuck ... whine

900 billion dollars were spent on guns this year! Now rumours are spreading that seculas Ltd. is developing an awful laser aided weapon, and that they already have patents pending. Please try to find out what their latest patents are about.

Re: Grump .... stuck ... whine

Post by milnet_ on Thu Aug 20, 2009 2:38 am

Codezilla:

At the article: http://www.hackthissite.org/articles/read/793/2/30 it is shown how to build that form. As you already figured out, you need a directory traversal!
HINT: This implies that you don't use the original password file!


Re: Grump .... stuck ... whine

Post by illegalzxx on Fri Aug 21, 2009 12:48 am

I need a mod's or administrator's help. I have the correct encrypted file and the zipped file (at the right compression). Pkcrack will not work for me. There's an issue saying "Sorry, not enough memory"... although I'm pretty sure there's enough.


Re: Grump .... stuck ... whine

Post by InsDel on Fri Aug 21, 2009 10:15 am

For those with illegalzxx's problem, try using the *nix version of pkcrack instead. I had the same problem at first, but booting into Linux worked for me.


Re: Grump .... stuck ... whine

Post by Maxinova on Fri Sep 18, 2009 9:40 pm

If anyone is still struggling to get the html form part of this mission to work (getting blank page after clicking the "read messages" button) this may be of help to you.

DO NOT copy and paste the form template from the tutorial. It will cause you problems.

Hope this helps.


Re: Grump .... stuck ... whine

Post by old_grizzly on Sun Oct 04, 2009 2:00 pm

For those of you having trouble with pkcrack in Windows or DOS:
When you are keying in the info for the encrypted file (path to encrypted file, within the zipped archive), use a forward slash instead of a backslash. Remember, both the tools (PKzip, PKCRACK) were made for *nix based systems and I think the person/s who made the MS port might have missed a step.

This had me going for a while.

BTW.

Encrypted Zip = way to go
The first logon screen = Pain in my A$$.
Second Logon (S****.php) piece of PI$$
3rd logon = thorn in my side.

Me thinks this mission should be revised and recoded.

A developer can PM me if they want to hear my ideas or shoot me a copy of the source files and I can "tweak" them and send them back for testing.

Love this Site.

Regards

Old_gRizzly


Re: Grump .... stuck ... whine

Post by chronic12 on Sun Feb 07, 2010 7:06 pm

I am having problems with the form. Here is what I am using: I saved it in Notepad as doc.html and then execute it. I get a send button on the page; I press that and get a blank page. Is this correct? However, when I click the read messages I get a wrong username/password msg. Here is my form:


[Removed by: Defience]

can anyone see fault with this? :cry:

-- Sun Feb 14, 2010 10:38 am --

My form has been removed but no reason given or response?

-- Tue Feb 16, 2010 4:44 pm --

Defiance can you tell me why my form was removed and any advice you have on its functionality?


Re: Grump .... stuck ... whine

Post by UKCrack on Mon Mar 22, 2010 6:51 pm

Hey there, I had problems when dealing with this until I had a few coffees and realized things.
Look around the forums, more than plenty of hints around. Read the code you found, analyze the important stages.
Then think how things are processed. The trick is to work out a few lines of code and work the bypass.


Re: Grump .... stuck ... whine

Post by gregorian on Sun Mar 28, 2010 1:05 am

Please don't use 7zip for compressing the file to 1245 bytes. It's not going to happen. After many frustrating attempts, I just used the software mentioned in the tutorial and achieved the compression almost immediately. Then I pkcracked it in less than five minutes.

-- Sun Mar 28, 2010 3:26 am --

I'm trying to get past the blank message part. I understand that I need to make the regular expression evaluate to true. I used the TamperData add-on on Firefox to send some strings to the script but nothing happens, I get a blank page.

Q1.
When I do the same thing using a Perl script I'm able to see the error message. I don't know why I can't get this error in a browser. What's going on?

-- Sun Mar 28, 2010 6:27 am --

Q2.
All right, I can't proceed beyond this point since the solution that works on my computer doesn't work on the server. This regular expression matches everything (of a large length) using only the allowed characters. I have no idea why it doesn't work on the server:

Perl script

#.[(*$^+\| are not allowed

my $x;
foreach $i (a..z,0..9,A..Z) { #Each character or digit can appear 0 or any number of times consecutively
$x .= "$i\{0,\}";
}
$x .= "!\{0,\}@\{0,\}#\{0,\}%\{0,\}&\{0,\}_\{0,\}-\{0,\}=\{0,\}`\{0,\}~\{0,\}"; #Now I put symbols
$x .= ";\{0,\}'\{0,\}]\{0,\}}\{0,\}<\{0,\}>\{0,\}:\{0,\},\{0,\}";

#$x .= '\)\{0,\}"\{0,\}\/\{0,\}?\{0,\}'; These symbols cannot be put in the string without using the backslash (which is censored). Hence I've commented it out

$x x= 100; # Repeat the entire construct a 100 times


-- Sat Apr 03, 2010 5:23 am --

I've finally completed the mission. Regarding my previous regular expression query, the only reason I believe it doesn't work is because HTS doesn't accept that particular solution. Please correct me if I'm wrong, because in my opinion the solution using the regular expression generated by the above script is more general than the one given in the tutorial. I noticed that the characters { , } were not censored by the script so I could use "{0,}" as a substitute for "*". I believed that this was the method because those particular characters were conspicuously not censored.

If you have got to the point where you need to crack the double MD5, remember that the first MD5 crack must produce a 32 bit value (because the first MD5 encryption would have produced a 32 bit value). MDCrack won't allow my CPU to crack values 32 bits in size so I used an online MD5 database. A database doesn't compute, it just saves time if the hash has been cracked before.

The last part of the mission is using a buffer overflow. The method for breaking it was obvious to me after reading the Buffer Overflow articles on this site.

I however am still looking for the answers to Q1. and Q2.

Best of luck.
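The point raised in the post above, that a denylist of regex metacharacters which leaves `{` and `}` alone still lets `{0,}` stand in for `*`, shown as an added example (not part of the original thread and not the mission's code). The filter, the sample secret and all function names are constructed for illustration, and Python is used in place of the poster's Perl; the hardened variant escapes the input so it can only ever match as a literal.

```python
import re
import string

# Denylist taken from the comment in the Perl script above. How the mission
# server actually filters and uses the input is not shown in the thread, so
# the functions below are a constructed stand-in.
DENIED = set('.[(*$^+\\|')

def denylist_filter(user_input):
    """Weak approach: strip the 'dangerous' metacharacters, keep the rest."""
    return "".join(ch for ch in user_input if ch not in DENIED)

def weak_match(user_input, secret):
    """Filtered input is still compiled as a pattern."""
    try:
        return re.fullmatch(denylist_filter(user_input), secret) is not None
    except re.error:
        return False

def hardened_match(user_input, secret):
    """Input is treated as data: every metacharacter is escaped first."""
    return re.fullmatch(re.escape(user_input), secret) is not None

def brace_wildcard(blocks):
    """Same construction as the Perl script: c{0,} for each alphanumeric."""
    alphabet = string.ascii_lowercase + string.digits + string.ascii_uppercase
    return "".join(ch + "{0,}" for ch in alphabet) * blocks

SECRET = "s3cr3tPass"  # constructed sample value

if __name__ == "__main__":
    probe = brace_wildcard(len(SECRET))
    print("survives filter unchanged:", denylist_filter(probe) == probe)
    print("weak check accepts probe: ", weak_match(probe, SECRET))
    print("hardened accepts probe:   ", hardened_match(probe, SECRET))
    print("hardened accepts secret:  ", hardened_match(SECRET, SECRET))
```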


Re: Grump .... stuck ... whine

Post by sanddbox on Tue Jun 15, 2010 12:40 am

I'm getting the same "Sorry...out of memory" problem that other user was getting. What do?


Re: Grump .... stuck ... whine

Post by msbachman on Mon Jun 21, 2010 11:32 pm

Why do people keep insisting on necessitating the compression results in a file size of 1245 bytes?? It needn't be this at all. I decrypted it with a file size (zipped) of 1361 bytes.

That had me confused for a few good hours. Hopefully no one else gets trolled like I did on this by people who don't know what they're talking about.

