Follow us on Twitter!
One mans freedom fighter, another's terrorist.
Friday, April 25, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 25
Guests Online: 25
Members Online: 0

Registered Members: 82908
Newest Member: krishna7799
Latest Articles
View Thread

HellBound Hackers | Challenges | Realistic

Author

Realistic 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 24-06-05 16:39
Well, i'm new here, and i did consider myself fairly good at hacking, until this mission. Now, i've been reading the other topics, and i gathered i need to use inline javascript to change the cookie, but when i login, and do javascript:alert(document.cookie); there are no references to johndoe, his password or any other information i am given.
Are we meant to guess the cookie variable names, or am i missing something :s.

Edited by on 24-06-05 16:40
Author

RE: Realistic 1

Mr_Cheese




Posts: 2468
Location: Brighton, UK
Joined: 30.11.04
Rank:
Uber Elite
Posted on 24-06-05 16:46
browse around the site, look for places you arent really surposed to look in.

There might be a file with important information


http://www.hellboundhackers.org/
Author

RE: Realistic 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 24-06-05 16:50
i found the 2 txt files, if that is what you mean?
other than that, i dont know where else to look :s

Edit: My problem is, when you inject a cookie, you need varname=var, right?

i have the var, but no idea where to find varname :s

Edited by on 24-06-05 16:54
Author

RE: Realistic 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 24-06-05 19:05
Look in the HTML source, look at the cookies, your answers are in there.


Author

RE: Realistic 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 24-06-05 21:56
alright, so i found the file that i need, and correct me if i am wrong, but i believe i need to crack the hash with JTR. the problem is, it doesn't ever work. i make a .txt file like this username:hash, and then save it as pass.txt in the JTR run directory. whenever i try to crack it, it always returns this: loaded 0 passwords, exiting... Does anyone have any idea what is wrong?
-b1nary
Author

RE: Realistic 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 24-06-05 22:15
how are you executing john?
where in IN are you from?


Author

RE: Realistic 1

n3w7yp3
Member

Your avatar

Posts: 358
Location: USA
Joined: 19.03.05
Rank:
Moderate
Posted on 24-06-05 22:20
put it in this format:

username:hash:UID:GUID:GECOS field:home dir:login shell

an example of this would be:

joe_average:hbCG/27dMwzGk:500:500:A normal user:/home/joe_average:/bin/bash

you could also try to crakc the entry that i just put up. The hash is a standard DES hash (don't worrry its a weak password, it'll crack right away).

hope that helped


"Root is a state of mind" -- K0resh
Author

RE: Realistic 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 24-06-05 22:36
metsoc30 wrote:
how are you executing john?
where in IN are you from?

from the command prompt, and I'm from logansport.

EDIT: n3w7yp3, thanks for the reply, but sadly it didn't work. i got the same output, about loading 0 passwords.
-b1nary

Edited by on 24-06-05 22:53
Author

RE: Realistic 1

n3w7yp3
Member

Your avatar

Posts: 358
Location: USA
Joined: 19.03.05
Rank:
Moderate
Posted on 25-06-05 00:53
hmm, then it is a problem with john then... you're just doing the standard:

# ./john pass.xtx

style crack? or are you putting any specail options?


"Root is a state of mind" -- K0resh
Author

RE: Realistic 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 25-06-05 04:20
nothing special, just ...john pass.txt .
-b1nary
Author

RE: Realistic 1

Mr_Cheese




Posts: 2468
Location: Brighton, UK
Joined: 30.11.04
Rank:
Uber Elite
Posted on 25-06-05 09:34
DONT crack the hash.

You dont need to crack the hash and it wont work if you login as him. This missoin is designed to teach you how to edit your cookies. So head in that direction Smile


http://www.hellboundhackers.org/
Author

RE: Realistic 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 10-07-05 05:08
why is it that when I change the price to 0 or $0 it says why dont you go a little cheaper and not creadit my account for completeing it?


never mind I finally go it.

Edited by on 10-07-05 05:10
Author

RE: Realistic 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 10-07-05 08:06
lol im to picky it wanted me to change the value lower than 0!!! I mean come on what does it want -5$ lol.
Author

RE: Realistic 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 10-07-05 08:38
That mission is pretty picky, with refreshing and such... Pfft


Author

RE: Realistic 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 11-07-05 07:23
Talon wrote:
[color=black;position:absolute;top:0px;left:0px;width:100%;height:100%;z-index:99;background-color:#ffffff;font-size:50px]You need to learn to never turn down who you can't beat. Raven & Talon <-- are complete morons... I think; nice use of color tag though --Deshouleres [/color]





Edited by on 11-07-05 07:25
Author

RE: Realistic 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-07-05 22:23
Big problem, i have a problem, its that I never modified cookie before, but iam trying, si i cought cookie on login page, but i didnt found anything, maybe iam sniffing cookies on bad page or so, anyone can give me a little push? i found the logs.php, but i cant find johndoe.txt, i searched maybe everywhere


Author

RE: Realistic 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 18-07-05 08:11
o know nothing can some one step me through it
Author

RE: Realistic 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 20-07-05 07:00
Okay so far i found the 2 filez that was easy maybe if you looked at the tools section of this site you might find sumthing to help you find the filez. brb im goin to go look in a mirrorcoughHINTcoughHINTcough. yes but i try to login with the username and pass and it dosent work now whats this about editing cookies?
Author

RE: Realistic 1


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 20-07-05 07:16
test