Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Real 5

By ghostghost | 13998 Reads |
0     0

Real 5:

Skills: Javascript, Basic HTML (Understanding) Password Cracking.

What you Need to do: get BillSmith’s password, check your email and replace your cookies with Bill Smith read his email Find BillSmithfolder and change his permission to Read All cover your logs by accessing the .htaccess file and replacing your IP with the old one. Find admin to report name to.

Thats the basic info we need also we get a username/password so lets log in.

Now looking about for a way to get a password, probably a hash, Hint: a lot of this challenge is just looking at the source or Directories. Found somthing odd? Well they wouldn’t make it that easy would they now? Maybe thats just a hint of where another one is hidden. Once you have BillSmith’s password lets do the next step.

Next we need to read some of Billsmith’s mail, well if you had any sense you’d have seen the email system. Why not go there. Okay, it tells us that changing the cookie is the way to do it. Right now how do you change a cookie? If you are really stumped look at the basic skills I mentioned at the begining. Lets check ours first hmmmm there isnt one set for the challenge. Oh well we will just have to guess, there are only 4 common forms for each ;). Mustn’t forget to refresh. Oh whats there’s new mail ;)

Hmmm doesnt give us much info about the directory, have a look around he has mentioned it. go there :)

looks like we’re nearly done! Okay what was the first thing? set his folders permission to ‘Read All’ but in numbers, insert research here> okay that done. It’s not 775 but thats close :P Now we need to edit the logs through the .htacess file well lest go back to that directory. If you liek try the files one after the other. Ok, but what wa sthe old IP? Again remember my earlier hint have a look around that page. Now you’ll find two IP’s, try each one and compare the results. You should be able to work out which is right.

YES! Now all we need to do is report him. Well back to the special directories page. Lets have a look around. ‘Please use actions’??? Thats odd maybe there is somehting hidden next to it. ;) Got it? well we need it for the main directory hmmm well there is a command a url thingy to do this ‘../’ without ’ marks.

::Didn’t find it? well it just makes you life harder, You want to reports someones activity have a few guesses at the main page::

ok, fill it out and send :) Wait it doesnt work!!! hmmm well lets check it out. Remember my hint? Well done, hmmmm we need to report to sanderson. Well there are two ways to fix this, Javascript and the good old way edit source way. :)

And you’re done :)

Comments
ghost's avatar
ghost 18 years ago

About time a decent mission article. Thanks to that i could get past the part i was stuck on. Your getting an Awesome from me

ghost's avatar
ghost 18 years ago

My pleasure, saxible you forgot to vote :).

SySTeM's avatar
SySTeM 18 years ago

Thanks wolfman dude you rock :)

ghost's avatar
ghost 18 years ago

Indeed this is a very good article. Well done :)!

ghost's avatar
ghost 18 years ago

Great Article Wolfmankurd, really helped me without giving loads away Nice One!

ghost's avatar
ghost 17 years ago

You need to complete all parts …pm me? please? lmao

ghost's avatar
ghost 17 years ago

The article is good! But one step is not necessary in order to beat the challenge: No need to find Mr BillSmith's password! At least not necessary to complete the challenge… (thing… did u use it somewhere, once you found it?)

ghost's avatar
ghost 16 years ago

e-mail cookie duh

goluhaque's avatar
goluhaque 14 years ago

I did not need to find the password or change the cookies. Bill Smith's email can easily be accessed by typing in the name of the folder. My problem is guessing the name of the folder. The Name of the email is N** Dir****EMA. Is that the name of the folder? I can't find it anywhere. Everywhere it returns a 404.

cyberking147's avatar
cyberking147 12 years ago

What and where is the use of ?Directory variable?

Fantom's avatar
Fantom 11 years ago

vgvgvgvgvg**vg

JohnGHipp's avatar
JohnGHipp 7 years ago

i can't figure out where the directory is located. i know that it is called 'N** D*r*****":@