Please ask questions only in this topic.

Re: How to start Realistic 14?

Post by avoc on Wed May 28, 2008 1:52 pm
([msg=3426]see Re: How to start Realistic 14?[/msg])

what should i do next after i get the file list of we*******it?
i got a 500 error when i tried to open d******gi
and am i heading the right direction?
Last edited by avoc on Thu May 29, 2008 10:36 pm, edited 2 times in total.
avoc
New User
New User
 
Posts: 1
Joined: Wed May 28, 2008 1:45 pm
Blog: View Blog (0)


Re: How to start Realistic 14?

Post by jourdie on Thu May 29, 2008 3:41 am
([msg=3474]see Re: How to start Realistic 14?[/msg])

Ok i guess this is the active thread now....
Avoc, i suggest that you look at instead of actually performing a poison null byte on a file...Try looking at directories instead...
Trying not to give much a way...Hope this helps.

Post if u need a little more help,
This is a paradox: I always lie
This is a statement: You're a fag!
jourdie
New User
New User
 
Posts: 18
Joined: Sun May 04, 2008 7:23 am
Blog: View Blog (0)


Re: Poison Null Byte...moving on

Post by jourdie on Thu May 29, 2008 3:49 am
([msg=3477]see Re: Poison Null Byte...moving on[/msg])

Ok, i found the perl script and understand the encryption, i just now need access to resource that will let me decipher it...
Im almost certain i cant just put in a hash, so im thinking mayb create a function with the same variables, and then run the IF statement....
Or can i just copy and paste the perl script and compile it?

Posts are welcomed
B1nd/Jourdie
This is a paradox: I always lie
This is a statement: You're a fag!
jourdie
New User
New User
 
Posts: 18
Joined: Sun May 04, 2008 7:23 am
Blog: View Blog (0)


Re: Poison Null Byte...moving on

Post by hex_wannabe on Thu May 29, 2008 6:26 pm
([msg=3591]see Re: Poison Null Byte...moving on[/msg])

I can't help you with this, but I couldn't help but laugh at your little conversation with yourself!
I'm more screwed than you with this mission, I think I'll just go back to budgetserv
http://www.netninja.co.nz - My writing forum
hex_wannabe
Experienced User
Experienced User
 
Posts: 96
Joined: Sat May 10, 2008 10:15 pm
Blog: View Blog (0)


Re: How to start Realistic 14?

Post by nermd on Thu Jun 12, 2008 7:06 am
([msg=4590]see Re: How to start Realistic 14?[/msg])

i am at the last stage of this mission (at the a**********.c**).
Ok i understand the code and i think i know what i have to do ... but is their any way of "finding" the names of the things you have to set then trial & error? - just tell me yes or no ... no spoiler please, i love this mission ... :D

nermd

//edit: ahhhhh i am so stupid ... got it ...and still love this "insane" mission :D :D
With this world there is no understanding, we belong their only to the extent, as we rebel against it (Theodor W. Adorno) --> if somebody knows a "official" translation for the well known german quote ... pls let me know!
User avatar
nermd
New User
New User
 
Posts: 42
Joined: Fri May 23, 2008 3:22 am
Blog: View Blog (0)


How to "Reply"

Post by ZeroChaos on Tue Jul 01, 2008 12:10 am
([msg=6189]see How to "Reply"[/msg])

Ok, this is the second misson that I can't figure out how to complete since I am apparently not smart enough to reply. How do I do that?
-ZC
ZeroChaos
New User
New User
 
Posts: 3
Joined: Mon Jun 30, 2008 10:00 pm
Blog: View Blog (0)


Re: How to start Realistic 14?

Post by Vagabone on Tue Jul 01, 2008 2:30 pm
([msg=6261]see Re: How to start Realistic 14?[/msg])

Hi there,

I am at the last step. At the a***********.c**, I think I understand the code. I don't know if chec***r() and i*adm*n() are perl function or hts functions.
Now, I don't know what I have to do. There is a $u**r, a $l*g*n, a $p**s. I have to change these values to correct values. But how? I have some ideas, but nothing strong. If you want to show me the way...
And an other mystake, why is there a $u**r and a $l*g*n?
Thank you.


EDIT: How could I be so stupid?
When you are focused on finding a security fault, you forget the easy part! When you have a pass and a username, why not using them? :oops:
Vagabone
New User
New User
 
Posts: 11
Joined: Fri Jun 13, 2008 7:16 am
Blog: View Blog (0)


Re: How to start Realistic 14?

Post by Tommyboy123a on Mon Jul 07, 2008 4:51 am
([msg=6740]see Re: How to start Realistic 14?[/msg])

I have the same m*****or.cgi file opened and everything but is it written in some kind of jibberish language? I can't follow this script at all... I managed to figure out it has something to do with the function validkey ("sub validkey" is written - why the word "sub"?) as well as ascii function and has to do with the number of characters in the id or something of this sort?

Essentially what i have is a collection of seemingly pointless pieces of information. A little help connecting the dots would be greatly appreciated

Also, i get that it needs to "pass" the validkey (result cannot be 0) but is there only one single possible id or are there multiple solutions?
Tommyboy123a
New User
New User
 
Posts: 8
Joined: Tue Jun 24, 2008 8:14 pm
Blog: View Blog (0)


Re: How to start Realistic 14?

Post by IpHa on Wed Jul 09, 2008 7:00 pm
([msg=7024]see Re: How to start Realistic 14?[/msg])

I've hit a bit of a snag. I have the source of m********.c**, I've found the function that checks the password and I understand what it does, but short of brute forcing it I don't know how to reverse it to get the password.

EDIT: never mind, I figured it out.
IpHa
New User
New User
 
Posts: 2
Joined: Tue Jul 08, 2008 9:59 pm
Blog: View Blog (0)


Re: How to "Reply"

Post by col333 on Sun Jul 20, 2008 4:43 pm
([msg=7905]see Re: How to "Reply"[/msg])

I'm stuck with the exact same problem - wrote my decryption program, got original message, don't know what to do with it.
Anyone know?

**Edit**
Just worked it out.
You need to treat it like that message came from a user on hts.org
Sorry if I gave a way too much but tbh it isn't very clear.
:P
col333
New User
New User
 
Posts: 2
Joined: Fri Jul 18, 2008 4:38 pm
Blog: View Blog (0)


PreviousNext

Return to (Real 14) Yuppers Internet Solutions

Who is online

Users browsing this forum: No registered users and 0 guests