Follow us on Twitter!
Things are more like they are now than they have ever been before. - Dwight D. Eisenhower
Thursday, April 17, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 17
Guests Online: 17
Members Online: 0

Registered Members: 82815
Newest Member: medjiking
Latest Articles
View Thread

HellBound Hackers | Challenges | Realistic

Author

Real 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-05-06 05:10
Ok, ive read over the otehr 3 or 4 posts on this page about the Real 1 mission. this is what i ahve:

I got the directory with what i am assuming is john's and the admin's encoded passwords, and their user ids.

The one thing i noticed about them is, is that if you put put both of what i am assuming are encoded passes toghter, you get what seems to be an MD5 hash. 0-9 and a-f, i think those letters are right. its also 32 letters long. but i tried putting that in as a pass, and it doesnt work. i keep hearing things about changing a cookiel. I assume that means chanign johns ID to that of the administrator via some sort of javascript: in the URL box.

Other thanthat, im lost. id love some help, but no spoilers ;D


Author

RE: Real 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-05-06 06:32
Yes, you need to use javascript injection (putting Javascript commands in the RUL box) to change your cookie to be the admin one.




Author

RE: Real 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-05-06 06:41
sigh, i got that from an article in that section. thankyou though. My problem is i cant figure that out--im not sure if maybe my syntax is incorrect.
I hope this wouldnt be too much of a spoiler, as it was in that article, but this is what i have:

javascript:void(docu<i></i>ment.cookie="***=***"Wink

Now, i have the txt file containing the information, like i said, but i think amybe im not using it right, or am putting it in the wrong places.

Also, why is everyone putting <i></i> in the middle? to me that means an HTML tag for italics...

Now, do i need to decrypt the pass or soemthign?? or is it used in that format as is?

Ar, sorry for asking so many quesitons, but im rahter lost here, thanks for your help.


Author

RE: Real 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-05-06 19:47
Ah, lol, nvm i got it now. that was the biggest waste of time ever!! omg that was stupid.

I didnt actually think that when they gave you the info to log in, that taht was actually the password. sheesh.

then the javas are rather tricky...


Author

RE: cookie


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-05-06 21:04
I know this is probibly blindingly obvious, but i know that i have to use javascript injection, and i have the deteils to inject, but i cant find the authID cookie. If i go to mozzilla, options, privacy, view cookies i can see it, but i cant find it, Sad Lil help?

twitch


Author

RE: Real 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-05-06 21:31
Try downloading the "Add n' Edit Cookies" extension for Firefox, ot really helps with editing/viewing cookies.
Author

RE: Real 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-05-06 21:52
well if its not already set, then maybe you have to set it Smile


Author

RE: Real 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-05-06 22:00
Thanks guys, ill try that