Follow us on Twitter!
Become the change you seek in the world. - Gandhi
Thursday, April 24, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 16
Guests Online: 14
Members Online: 2

Registered Members: 82893
Newest Member: mor-amit
Latest Articles
View Thread

HellBound Hackers | Challenges | Basic

Author

basic 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-05-06 00:08
I've figured out that the .h******d file is not in the same directory as .h******s which means it is vulnerable to me seeing it. I've tried viewing it by injecting it's location into ?page= in url, but i don't belive this is the correct way. someone in a previous post mentioned a program/method that allows you to see all... i'm a bit confused. i know i must access .h******d but i do not know how?


Author

RE: basic 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-05-06 00:32
[quote]paintballa_4life2005 wrote:
someone in a previous post mentioned a program/method that allows you to see all... /quote]
Forget about that. First read all forum posts ,then read about .htaccess and what is protecting.
And last it doesn't always has to be ht .
Author

RE: basic 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-05-06 00:49
i've read up on .htaccess and i know what it protects, it protects folder or directory which it is inside, and all sub-directories or sub-folders. If .ht*****d is outside the .htaccess folder, then we can see the contents of .ht*****d. How do you mean it doesn't have to be ht? that's what the server is set to look for isnt it? so how could it be named something else?


Author

RE: basic 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-05-06 00:56
the server looks for what is in the access file so the file that you need is in the access file Wink
Author

RE: basic 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-05-06 00:59
I don't know how to say it different without spoiler. You can PM me.
And about ht it doesn't has to be .ht**** but it can also be .****
Author

RE: basic 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-05-06 01:39
i got it finally, can i crack it with cain and abel or do i need to use jtr?


Author

RE: basic 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-05-06 01:43
JTR. See other basic 12 topic.
Author

RE: basic 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-05-06 01:51
what format do i use for the password file when cracking with jtr?

usernamePfftassword

is this correct?


Author

RE: basic 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-05-06 01:53
just copy that to pass.txt in jtr folder (all-***:***) and type john-mmx pass.txt.
Author

RE: basic 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-05-06 01:56
cool thanks, thats what I did and it's still workin.

What method does JTR use to crack passwords?


Author

RE: basic 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-05-06 02:21
jtr has been running for half hour now and still nothing, is this normal?


Author

RE: basic 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-05-06 02:29
paintballa_4life2005 wrote:
jtr has been running for half hour now and still nothing, is this normal?

im think as most brute forcing does take a long time mines bin runing for just a bit more then that... i wanna really wanna do this challenge before i go bed aswell
Author

RE: basic 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-05-06 16:50
lolGrin
I cracked it in 2 seconds with jtr 1.7.
Author

RE: basic 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-05-06 17:06
cesnjak wrote:
lolGrin
I cracked it in 2 seconds with jtr 1.7.

lol same when i relised the other way of doing it...
Author

RE: basic 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 19-05-06 11:00
yeah just for anyone readin this use a word list rather than brute force. And be sure not to open the wordlist file in your browser window like i did on accident, right click and save


Author

RE: basic 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 19-05-06 11:49
LOL finally some help with using jtr and yeah sorry for confusing you topic starter about where to start on this challenge i was able to figure out jtr though thanx everyone

Edited by on 19-05-06 12:03