Donate to us via Paypal!
Don't judge the unknown - Grindordie
Saturday, July 04, 2020
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 50
Guests Online: 48
Members Online: 2

Registered Members: 127015
Newest Member: FOUr
Latest Articles

View Thread

HellBound Hackers | Challenges | Realistic

Author

Odd trouble with realistic 1

PlusNine
Member

Your avatar

Posts: 2
Location:
Joined: 12.05.20
Rank:
Moderate
Posted on 28-06-20 23:30
Hello HBH! I think I've ran into my first real conundrum with the first realistic challenge. After acquiring the .txt files for the johndoe login, and attempting to login with the "special cookie" as the same cookie in the text file (they matched already) still results in "Your user and pass didn't match our records". I feel like this should work, yet it does not. Am I missing something here?

Edit 1: For clarification, I seem to be having an issue with the password. It seems encoded but my attempts at decoding so far have just resulted in more confusion. Why is this stored in plaintext and yet doesn't work the way it's presented?

Edited by PlusNine on 28-06-20 23:36
Author

RE: Odd trouble with realistic 1

Huitzilopochtli
Member



Posts: 1639
Location:
Joined: 19.02.13
Rank:
God
Posted on 30-06-20 10:54
Am I missing something here?

Yes.
There is something else in that text file along with the usernames and passwords, that you haven't mentioned anywhere in your post.
You need that.


.
Author

RE: Odd trouble with realistic 1

PlusNine
Member

Your avatar

Posts: 2
Location:
Joined: 12.05.20
Rank:
Moderate
Posted on 30-06-20 19:04
Huitzilopochtli wrote:
Am I missing something here?

Yes.
There is something else in that text file along with the usernames and passwords, that you haven't mentioned anywhere in your post.
You need that.


I think I communicated my problem inccorrectly. This "something else" is in the same text file correct? It seems to be referred to as a different name within the login page itself, and after attempting to change the name of this "ID" and making sure it matched with what was in the text file for the base user (again I'm confused by that as well, why was this "ID" already set seeming correctly when I hadn't done anything to it yet?) I still have not made any progress
Author

RE: Odd trouble with realistic 1

Huitzilopochtli
Member



Posts: 1639
Location:
Joined: 19.02.13
Rank:
God
Posted on 30-06-20 23:14
This challenge is more about privilege escalation than anything to do wiith the usernames and passwords.
You just need to change one thing in order to achieve that, and the clue's in the name, it's already been "set" as an extra hint.


.