Re: Please ask questions ONLY in this topic.

Posted: Mon Mar 23, 2009 1:18 pm
by Defience
Smokeho wrote: Maybe I wasn't clear enough. Yes, it's the right username, yes, I can edit, but in order for it to work when I press Login, that line for the timezone has to be commented or something, right? I don't know any other method.


What I would suggest is to go to the Article section and find the one that's there on Real 16. Read through it and 'walk' along with it and see if it takes you in the same direction in which you are trying.

Re: Please ask questions ONLY in this topic.

Posted: Fri Jun 05, 2009 9:01 am
by Finarfin Palantir
OK, I don't know how nobody else has been struggling for over a month, but I'm blasted away.

I've found the page with the flash file,

I know where the ******.t** of the admin users lies and I also know where that exact same file for the user lies. I understand the challenge can't really overwrite that file since a whole bunch of people would then complete the challenge until the file is reset, but I can't for the life of me figure out which way to go.

I know the exact field that goes to the top line of the user file mentioned above is and I know I should terminate it, so currently I have that value on my profile page set to

a***_****=******.t**&a****d=t***
With a last character at the end since there is more in the mentioned file than just what I need.

But for some reason after I update and try to login on the page with flash I still get an access denied error?
Am I missing something totally obvious?

Re: Please ask questions ONLY in this topic.

Posted: Fri Jun 05, 2009 3:19 pm
by Defience
Finarfin Palantir wrote: OK, I don't know how nobody else has been struggling for over a month, but I'm blasted away.

I've found the page with the flash file,

I know where the ******.t** of the admin users lies and I also know where that exact same file for the user lies. I understand the challenge can't really overwrite that file since a whole bunch of people would then complete the challenge until the file is reset, but I can't for the life of me figure out which way to go.

I know the exact field that goes to the top line of the user file mentioned above is and I know I should terminate it, so currently I have that value on my profile page set to

a***_****=******.t**&a****d=t***
With a last character at the end since there is more in the mentioned file than just what I need.

But for some reason after I update and try to login on the page with flash I still get an access denied error?
Am I missing something totally obvious?


The username that you choose to register with is important. The script above looks fine. If you can't login as admin then it's probably the username issue. If you can login as admin but can't view the emails, a flash decompiler can help. Also, make sure you're using Firefox for this.

Re: Please ask questions ONLY in this topic.

Posted: Mon Jun 08, 2009 8:42 am
by Finarfin Palantir
Thanks

I am working in Firefox... I sent a pm to prevent spoilers. I'm pretty sure after what you've said that I'm close and as far as I'm concerned the Username is fine, because I did get a "sort of error message" if you know what I mean? Anyway, thanks for your time, greatly appreciated.

EDIT: OMS, if you think you're missing something really really obvious, then you really really are missing something obvious.

Re: Please ask questions ONLY in this topic.

Posted: Thu Jul 30, 2009 10:58 pm
by BLA40R
Hello everybody!
I started Realistic 16, and I get results very quickly because I can enter the admin website and the (L****.s**) file. But do you have any idea of how I can change the c*****.t*t file?? (I enter the Bob's Super Site)

Thanks!!

BLA40R

Re: Please ask questions ONLY in this topic.

Posted: Fri Jul 31, 2009 5:02 pm
by Defience
Maybe you can exploit the members registration area?

Re: Please ask questions ONLY in this topic.

Posted: Sat Aug 01, 2009 2:27 pm
by BLA40R
Defience wrote: Maybe you can exploit the members registration area?

I've tried several ways to exploit the registration area, but no results. I've been stuck there for a while.
I feel stupid, but another idea??

Re: Please ask questions ONLY in this topic.

Posted: Sat Aug 01, 2009 5:50 pm
by eljonto
OK, you know that you gotta edit the c*****.t** file. Look around the site when you're logged in: where does the site save your account details such as description etc.? Then you'll need to figure out how to change the path where your details save; think DT, and think how your username is effective here, then create a new account with the appropriate username.

Re: Please ask questions ONLY in this topic.

Posted: Mon Aug 17, 2009 10:10 pm
by hziggles
OK, I've been sitting on this one for a while, and I just can't get it. I freaking can't find out how to overwrite the c*****.txt file (I think that's the one I need to overwrite, but it might be a***.p**), or where user details are saved. This is getting ridiculous. Please give me a big push in the right direction and then hold a sword to the back of my head so I can't turn around. I need help on this one, people.

Re: Please ask questions ONLY in this topic.

Posted: Thu Sep 10, 2009 4:36 am
by OnlyHuman
I just started this one, and I've put together some really good notes already. I understand how the pages are linked and have drawn conclusions about various portions of the server's directory structure. My issue is a matter of access. So, in order to prevent me from blindly chasing rabbits here, is it at all possible to complete this mission without registering an account with SimpleMail? Namely, is it possible to gain account privileges, without going through the registration process? I don't need to know how it's done, just whether or not that functionality exists within this mission. I'm assuming the session handling is done by a specific module pushed by in***.p**, and that login could possibly be achieved by exploiting certain aspects of said module. I know that in a real world situation, I'd need to discover this for myself, which could take quite a long time, and loads of experimentation. But, based on the posts that have been written here, and the tutorial for this mission, my assumptions could lead me on a long and fruitless journey. I'm not really asking for a handout in this sense, just a little guidance. So, if this method of gaining access is just a dark alley, I'd like to know so that I'm not wasting my time. Thanks.

EDIT:

I just finished this one, following the method discussed here, and am still not 100% sure that I wasn't on the right path before. So, I'm still interested to know if there was an alternate method of gaining access. The mods and devs allude to the possibility, but I gave up on finding it once I saw a much simpler path. Perhaps somebody could send me a message hinting at an alternate solution. It would be worth trying a second time.

Here's a bit of info for those having trouble:

    1. There is absolutely no need for a packet sniffer on this mission. That was probably the biggest misconception from the tutorial. However, now that I've completed the mission, I fully understand why it was suggested.

    2. A Flash Decompiler isn't needed but it definitely cuts down on the experimentation time.

      I saw that somebody asked for a good free one. flasm and flare did the job for me. Both are also cross platform as far as I know. And, they're good at what they do.

    3. If you do decide to use a decompiler, put off using it until late in the mission, otherwise, you're just going to confuse yourself.

    4. Overwriting that certain pain in the ass file, is actually fairly simple. The required parts are pretty much a given, however there is the aspect of making sure only certain things get read from the file. And, unfortunately, like most people, I made quite a bit of noise during the learning process. Hint, remember that this IS a learning process, and that there are several characters that your keyboard will produce. Just go nuts until you find the right one(s). You'll know better next time.

Anyway, this was a fun mission. A little short, but fun. And, if anybody knows an alternate method of completing this one, please point me in that direction. It would be fun to try.