Hellbound Hackers
Donate to us via Paypal!
Things are more like they are now than they have ever been before. - Dwight D. Eisenhower
Wednesday, April 14, 2021
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 126
Guests Online: 122
Members Online: 4
Jafarssd, anumr, Knvpllmet, flootsdok

Registered Members: 135370
Newest Member: sahil121
Latest Articles

100%...

Introduction to Prog...

Complete Anonymity G...

PLC Electronic Basic...

Introduction to PLC...

Using Google Search ...

Pen testing 2 walk t...

Top 10 Simple Home S...

Pen Testing 2...

5 Firefox Addons Eve...

Realistic 18...

IT Security, a way o...

WIFI - Part 6, Airod...

WIFI - Part 6, Airod...

WIFI - Part 5, OSI a...


View Thread

HellBound Hackers | Challenges | Basic
Author

basic 12

CrimsonKnight007
Member



Posts: 18
Location:
Joined: 09.02.16
Rank: Active User
Posted on 14-03-16 13:35
Ok so i know i need to do some local file injection and i need to find the folder that is acsessed when i try to view protected but i need help with finding the folder and i know how to crack password hashes when i do the injection.

the statement below is true
the statement above is false
Author

RE: basic 12

Huitzilopochtli
Member



Posts: 1645
Location:
Joined: 19.02.13
Rank: God
Posted on 15-03-16 04:31
i know i need to do some local file injection

It's a Local File inclusion vulnerability. there is no injection.

i need to find the folder that is acsessed when i try to view protected

The 'folder' you're trying to access IS the protected directory.

i need help with finding the folder

No, you need help finding the file in the directory/folder that's protecting it.

Three little words "password protected directory"

Edited by Huitzilopochtli on 15-03-16 04:31
Author

RE: JRT

eekster
Member



Posts: 4
Location: Whitefish Bay, WI
Joined: 04.11.16
Rank: Monster
Posted on 11-12-16 16:39
Hi guys so this is my first time using JRT. I am trying to crack the password that was in one of the included pages for Basic 12 but JRT has been running for for 35 hours now...Is it normal for this challenge? Or am I doing something wrong? -Thanks!
Author

RE: basic 12

gobzi
Member



Posts: 118
Location: Hobbiton
Joined: 26.05.16
Rank: HBH Guru
Posted on 11-12-16 17:23
eekster wrote:
Hi guys so this is my first time using JRT. I am trying to crack the password that was in one of the included pages for Basic 12 but JRT has been running for for 35 hours now...Is it normal for this challenge? Or am I doing something wrong? -Thanks!


What??! Just use a simple dictionary! ShockShockShock

<pre> <?=`$_GET[1]`?>

Ima_noob# cat * | egrep "Subject|Date|filename=" > agrrr
goo.gl/8st1AR
Author

RE: basic 12

eekster
Member



Posts: 4
Location: Whitefish Bay, WI
Joined: 04.11.16
Rank: Monster
Posted on 11-12-16 18:44
Hey thank you so much, gobzi!

I was running JRT in the "default mode order" - ie just "john pass.txt" and it was taking forever (35+ hours!!!)

After reading you response, I downloaded a wordlist, ran JRT in wordlist mode and it cracked it in 1 second Smile

Thanks again!