
Re: Please ask questions ONLY in this topic.

Posted: Fri May 17, 2013 5:57 am
by impulse_x
Hi,

When using Wireshark, I'm supposed to filter by HTTP, but what if I'm originally logged on in HTTPS? Since all the
stuff is encrypted, I filter via ssl; but I can't read any of the encrypted stuff.

I've searched Google for help on decrypting SSL handshakes and application data but that's completely above my
head and I don't see anyone saying anything about SSL on this thread.

And now, I don't even know how to go back to HTTP for hackthissite.org.

Any help appreciated.

Ix

Edit: I've completed this mission. Just forgot to post here as well as having forgotten how I figured it out. :(

Re: Please ask questions ONLY in this topic.

Posted: Sat Mar 07, 2015 7:37 am
by agentStag
Hi guys, I have finally completed the mission.

I didn't use Wireshark but the posts here suggest that it can be of help if you are stuck (do download it if you can, it will be useful for a person who visits this website).

Seems like most people are/were stuck at the c*****.*** file. The information given on that file on how sections of it should be removed was not necessary. So just think about how variables are separated in a URL and keep doing that until the end. Only worry about the first line; if you get that one right, it'll all be good.

The actual login isn't anything special so just get in.
A decompiler is needed and I used this one: http://www.showmycode.com. It's all done online.

I hope this post helps (if I tell you more about that file, I'll spoil it). Contact me if you are still stuck. Good luck :geek:

Wireshark help

Posted: Mon Jan 04, 2016 5:37 pm
by scaum2
Hey guys,

I'm looking for some help with Wireshark... got to the login page and it seems obvious there is a file hidden somewhere used for identification. So I tried to use Wireshark and "sniff" the location but I can't get it to work properly. After a few hours of unsuccessful trials, I found a YouTube video showing EXACTLY what I did and indeed obtaining the answer I was looking for.

Could someone give me a detailed explanation on how to find THE packet with the file location using Wireshark? I've been trying every option I could find and this exact packet seems to never appear.

Thanks


EDIT: after looking at a solution on YouTube (I know it's bad), I can see that the guy is connected to http://hack..../16 and not httpS://... I guess that could be the reason why Wireshark can't sniff the GET packet that would then be encrypted... but I can't connect to the http. Is there a way to "bypass" the redirection and get to the http and not https? Is the challenge still doable with https?

Re: Please ask questions ONLY in this topic.

Posted: Tue Nov 07, 2017 12:10 pm
by Starman11
I hope this isn't spoiling it, I don't see why it would, but I've found that other c***** file with a***_p*** which I am guessing is the admins. Anyhow, I'm not sure where to go from here. I know how to pass values in the URL, for example, name=Billy&age=10, but I don't know which variables the challenge is looking for, I'm pretty sure *where* to put them though. A little nudge in the right direction would be appreciated, if any of you still visit this ghost town that is.

I can see that a***.php shows a*****=***** but again, I don't know how to connect these files together.

Yeah so I've figured out what to register as, and I've changed the c*****.txt to what I want, but the semicolon is still there, how do I get rid of that? :? I've tried using a poison null byte but that didn't work. I've looked at my keyboard but no character is popping out at me, am I blind?

Re: Please ask questions ONLY in this topic.

Posted: Tue Feb 20, 2018 6:12 pm
by why tspace
I struggled for a long time on this one. I had missed the second special comment in the HTML on a particular page that Monica hinted at earlier.

Once you have that, combined with your analysis of the HTTP requests (any modern browser's dev tools include a tool for looking at network traffic. Wireshark isn't the most accessible tool for this mission, esp since we're in the 2010s), I tried registering as a bunch of users, which helped me understand how to properly replace the ***f*g.*** file.

I have no idea how people would do this without a flash decompiler for the other flash object. For reference, an open source one that transforms the .swf to an .xml file is swfmill.

A sample invocation looks like "swfmill swf2xml ch***_****l.swf ch***_****.xml", where the *s are of course to prevent spoilers.

This mission was shorter than some of the other harder ones, but it was still fun. Did anyone else feel like it was wrong to hack into someone else's email?