Follow us on Twitter!
Imagination is more valuable than knowledge - Albert Einstein
Wednesday, April 16, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 19
Guests Online: 18
Members Online: 1

Registered Members: 82807
Newest Member: Black Hawk
Latest Articles
View Thread

HellBound Hackers | Challenges | Realistic

Author

Real 15 down or did I make a mistake


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-11-09 01:35
Hey guys, first of all I want to say I'm back! (some old members will still know me Grin) And I'm trying to catch up with the challenges Pfft I saw some Real 15 threads but they are rather old so I made a new one.

I'm at the part where I'm supposed to delete the content. I got into the (real) shell **1***.php and got there through with the right referer. I did the unix command for listing files (see I'm not trying to spoil here Wink)

It worked and when I tried getting into the root account by using the ** command, it said "You are now root!" and I got redirected to the index page. Is something not working or is my refering tool not working after submitting that command?

Thanks in advance.




Edited by rex_mundi on 26-03-13 14:02
Author

RE: Real 15 down or did I make a mistake?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-11-09 01:38
Think there is time senstive aspects.


Author

RE: Real 15 down or did I make a mistake?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-11-09 01:58
When I hear time sensitive aspects, cURL pops into my mind immediately Smile Thanks for the hint, I'll give it a try.

Edit: Thanks mate, I'm now logged in as root :-) I used cURL to see where the page was redirecting me to.




Edited by on 30-11-09 02:19
Author

RE: Real 15 down or did I make a mistake?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-11-09 03:19
Okay I deleted the content but now when I get to the next page it says sending logs.. and get redirected to the fail page.

When I try to delete the logs with cURL it says "Are you sure" and still get redirected.




Edited by on 30-11-09 03:50
Author

RE: Real 15 down or did I make a mistake?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-11-09 03:47
FireSt0rm wrote:
I tried things like: ch*** -* *+* p*****_****
Also tried = and , for every group.

There are two ways to do the command you're doing. One is the way you're doing it, and the other has numbers instead.


Author

RE: Real 15 down or did I make a mistake?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-11-09 04:05
I already got that part now Grin Now I'm trying to delete the logs before it sends me to the fail page. When I try to delete them it says "Are you sure", so I press 'y' but still get redirected to the fail page Sad


Author

RE: Real 15 down or did I make a mistake?

yours31f
Member



Posts: 1678
Location: Dallas Texas
Joined: 27.04.07
Rank:
Elite
Posted on 30-11-09 04:19
Try escaping the page forwarding. Hint Hint


Debugging is what programmers do to beta software to make it take up more room on your hard drive if it is running too efficiently.


img259.imageshack.us/img259/3713/sigr.png

yours31f@live.com yours31f@yahoo.com rpwd.info
Author

RE: Real 15 down or did I make a mistake?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-11-09 19:35
Thanks I did that part Grin Because of the redirection I couldn't see the error message after I tried to delete the logs. Apparantly I have to ch*** it aswell, but I forgot which previous ch*** command (of the p****_h***) worked -_- So I guess it's back to trial & error for me now :angry:


Author

RE: Real 15 down or did I make a mistake?

ArgonQ
Member

Your avatar

Posts: 17
Location:
Joined: 20.11.09
Rank:
God
Posted on 15-01-10 22:07
I cannot get this damn ch*** in the shell to work.

I've read all the forums, i've googled, i've read the man pages.
I've tried loads of variations, even tried urllib2 to post cmd's.
Any help would be most welcome.
'cos this is doing my swede in.
lead to
Author

RE: Real 15 down or did I make a mistake?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-06-10 21:05
When logged in to the correct shell as root, deleting the content is a matter of issuing two commands; The first to modify the permissions of a certain directory. And the second, to remove that directory. So, would it be possible to confirm the following, without spoiling the challenge?

If I'm using the correct second command, and it fails, should I be receiving a "Permission denied." error?

I ask for two reasons; First, I've been using cURL to bruteforce all of the possible numeric inputs for the first command, both in recursive and non-recursive format, and the result of the second command is always "Permission denied." And second, there is another command that seems slightly more appropriate, but offers nothing in the way of confirming whether or not the command has worked.

I'm also unsure of how I would use cURL to monitor the redirects (a technique that led to FireSt0rm being able to make it past this point). Any input on that would be great as well. Thanks in advance.
Author

RE: Real 15 down or did I make a mistake?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-06-10 01:07
This is my challenge most people cheated their way through though :/


Author

RE: Real 15 down or did I make a mistake?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-06-10 20:44
Ok! Finally got through this. Awesome mission wolfmankurd. I found what I was doing wrong in another real 15 thread. For anybody having trouble at this same spot, don't bother with the numeric or recursive forms for the first command. They don't seem to work, or at least didn't for me. Think simply, very simply. Once you've got the correct form of the first command, make a mental note of it. You'll need it again before the mission is done.