Follow us on Twitter!
It is the path of least resistance that makes rivers and men crooked. - Bj Palmer
Saturday, April 19, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 27
Guests Online: 26
Members Online: 1

Registered Members: 82843
Newest Member: hx47
Latest Articles
View Thread

HellBound Hackers | Challenges | Basic

Author

basic web 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-05-11 11:00
Hey everybody,

i' found the password and the user name Wink

but auth doesn't work Pfft

a +
Author

RE: basic web 12

starofale
Member



Posts: 218
Location: England
Joined: 05.12.07
Rank:
Moderate
Posted on 30-05-11 13:51
I suspect you've just got the password hash, not the actual password. You need to crack it then submit the plaintext password.


Try a new search engine
Author

RE: basic web 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 15-11-11 03:59
I know this thread is a little old but I felt my question was relevant to the topic. So the password is obviously encrypted because if you just enter the user name and password you find at (super secret file) you don't get authorized. However, was I supposed to already know that the password was encrypted because of the file it was found in? Are all passwords put here automatically encrypted? Or were they encrypted and then stored here?

I mean it isn't that big of deal because once you find the password and try it & fail, you then know something is up and it is likely encrypted.

I'm just wondering was I supposed to know it was encrypted before even trying it and failing?


Thanks,

Jack

NOTE: I'm not sure if anything here is really a spoiler. I'm pretty sure it is not. If any mods believe it is just let me know and I'll change the offending texts. Thanks!


Author

RE: basic web 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 15-11-11 04:06
Ok well after doing some more searching...(probably should have done that before I posted eh? Sorry.)...I found that it looks like you have to encrypt the passwords your self prior to putting them in the (super secret file). Am I right? Just having them there doesn't mean they'll be encrypted, but you shouldn't put them there without first encrypting them. And there are online tools that allow you to automatically make this file and they encrypt the passwords for you.

Is my thinking here correct? Or did Google lie to me? Smile

I'm just trying to better understand this.

Thanks...again!


Jack




Edited by on 15-11-11 04:07
Author

RE: basic web 12

dopeboimag1k
Member

Your avatar

Posts: 30
Location: the Internet
Joined: 01.05.11
Rank:
Moderate
Posted on 15-11-11 07:09
In my experience working with that secret file, whether or not your encrypt the contents of that file depends on how you generate that file. There are different options that allow you to either have the file be encrypted automatically or have it be in plain text.

Check out the documentation on Apache's website. I would give you the link here in the forum but that would be a major spoiler. That page will tell you all the information you want to know as far as encryption and creation of that file.

PM me if you want the direct link.


thirdgen.net16.net/images/signature.jpg

"Everybody wants greatness but nobody wants to work for it."

"If it was easy, everybody would do it."