Please ask questions only in this topic.

[vaska94]

i FOund Password
and what type of encoding is it ? : D

[rootux]

I've found the m********gi page source and bruthforced my way in.
now I don't know which user account shall I use.
Should I go back and use the null poison byte to get to a list of users?
Should I use the null poison byte in this form also?
Is there a way to enter to sub directory with null poison byte without getting a malformed request error?

thanks.

[KyleAnderson]

Sooo... What do you guys make of this file?
It appears to be a jpeg:

Code: Select all

kyle@kyle-desktop2:~/Desktop$ file robots.txt
robots.txt: JPEG image data, JFIF standard 1.01


But I can't seem to open it. What do you guys thing?

[Lenamote_14]

Hi guys
This is mi firts reply on HTS forum so i hope i could get some help
I really dot know much about PHP only the basic to make a cookie stealer xDD
So im stuck in this level i cant move beyond the m********.c** i apply de null byte on this file and saw it's source but i dont know what to do next.

Maybe i need to make some script to decrypt any pass

I really will apreciate your help

Cumpz

LeNaMoTe

[st00ne]

aaa same here.. i see the source and i think i know that i sould use a***i and v********d functions, but i dont know how
i have perl on my pc and trying lots of stuff but joust cant get it...

i have knowledge of c,c++ but not too much of perl...

so i need a hint on what to concetrate

EDIT: nvm solved it...
wao this was the most interesting and enjoying mision ever..
it was Worthy of all of my time...

[picapau]

Hi,

Ive bypassed the v******y in the m*******.c** and now I need an username or mail address that I have no clue, how to get them!
Im stuck! Please help! Any hint is appreciated!

Thanks!

[st00ne]

how did you find m********.c**, search everywhere....

[TheBarkMaster]

Hi all,
I'm getting rather crazy about this mission(as I did with the before one til I found it) but this is the first time I post on the forum. I know about poison null bytes, and also have seen the m********.c** and it's source but I just don't know enough of perl to bruteforce it's va***k*y function, and as I think reversing is impossible in this case. Could please anyone help me, or just post me the code to bruteforce it? so that I can study that. Although I would prefer hints. Thanks in advance!

[Belman]

in the "mod".cgi php code, what is "sub" in the "sub validkey"? i keep getting a parse error T_string on the line

[Cybicool]

wtf? I got my perl code working with some copypasta and trial and error, so i get a set of multiple passwords that fit the algorithm and pass through the function, but when i enter them into the m*********.*** it says that i have an invalid id. this is pissing me off because I am fairly certain that it is right, because i didn't touch the code for the functions at all. i copypasta'd like 3 times and it says that my ids are right. analyzing my packets with wireshark shows that m********.*** is sending the "action" variable as "login" which is not in the source code at all.