Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Realistic 1 Walkthrough


Realistic 1 Walkthrough

By ghostghost | 16625 Reads |
0     0

Realistic 1 Walkthrough Hi Everyone I wrote this tutorial because i did not think that any tutorials for realistic one where indepth enough.I would say this deffinitly contains spoiler so be warned and it is rather long!

So the first thing we see is the JohnDoe password and account yes that is handy!So upon arriving at the log in we chance a shot of sql injection just in case ' hmmm that didnt work!So now we simply log in and while youre at that go back to youre mission brief and what does it say?

Your goal for this mission is to log in as an registered user (johndoe/password) and analyze the site to gain administrator rights to change the price of the program to make it a lot more cheaper.

Now what are the key parts?We have to analyse the site and make the program cheaper,So what does analyse mean?Yes you guessed it!Look at something realy in depth.Now i am sure you have learned by now to look at the source and when we open her up what do we see?

Not that much!Yep its pretty bare so maybe thats a good thing lets look in the directorys given to us….. Hmmm you see it?Yeh thats pretty interesting! But now that we have this what do we do?We cant use sql injection to get in because we tried that…..Hmmm??Maybe javascript injection…..

Well first of all what is Javascript injection?Javascript Injection is simply changing the content of things such as cookies using JavaScript.Ahh now you see what I am getting at.

So to do this goto youre url and remove www.whateverpagethisis.com/hah/a0tuhah/a0tu!

Now type in javascript:alert(“hello”) and hit return….Tada! But wait dont get too excited we are not even at the good bit yet!Try typing javascript:alert(document.cookie) hmm interesting!Hmm That AuthId is interesting aint it?It couldnt possibly stand for authorisation id…Or could it??Well hmm i wonder what we can do!

In administrator.txt we found some interesting info(yes i changed the info so stop being so lazy)

administrator password = pass

status:administrator

AuthID: authid

So lets use it :D Lets up our AUTHorisation :D So we know how to do a javascript command and what not through our browser so lets do it: javascript:void(document.cookie=AuthID=“authid”);

So basicaly what we are saying is that in that cookie change the AuthID bit to this,Yes i know rather simple but it works….Now what page is the price on??Well that means its probably best to do it on that page but i dont think that software is real anyways so its probably not worth more than a dollar!

And ennjoy the 35 points,Sorry it was so long but this is how i learn best and if you dont like it dont read it :) .And if you do like it please rate it and leave comments!(motivation to do more) Enjoy Shouts:http://www.a0tu.com , The Flash and BobbyB ,n3wtyp3 and tmc :)

Comments
ghost's avatar
ghost 18 years ago

i hope the delete this. there were already articles for this

ghost's avatar
ghost 18 years ago

Diversity is a great thing i was just showing my point on things…Ever been stuck on an a mission?I have and i have read lots of posts in the forums and everywhere what about when you understand how to do the mission but it doesnt seem to be working?Then articles like this can be realy handy.I dont see the problem.

ghost's avatar
ghost 18 years ago

ya I really liked how in depth this was.

ghost's avatar
ghost 18 years ago

wow this is the greatest tut i've ever read thanks.

ghost's avatar
ghost 18 years ago

Thanks. I like you gain understanding from being shown.

ghost's avatar
ghost 18 years ago

Thanx excellent not 2 much not 2 less just right

ghost's avatar
ghost 17 years ago

thanks so much man this is how i learn to, by step by step v=cuz it sticks in my head. :D

ghost's avatar
ghost 17 years ago

thx much:) helped a bit more than the others did…

ghost's avatar
ghost 17 years ago

the password for administrator is in some strange hash and i cant figure out how to crack it. ive used cain but i cant crack it.

ghost's avatar
ghost 17 years ago

god im dumb. ive been trying to crack the password hash. lmfao all you had to do was go to toys.php with the cookies there. ha. this was easy. oh and really nice article buddy

ghost's avatar
ghost 17 years ago

Thank you all for you're praise and approval it makes it worthwhile. I run a site www.a0tu.com I hope to fill it with similar info :)

ghost's avatar
ghost 17 years ago

why did this challenge change?

ghost's avatar
ghost 17 years ago

i must be stupid because i cant get it. i took the javascript injection and put it into the browser

javascript:void(docu<i></i>ment.cookie="AuthID=authid");

and it didnt do anything just sat there. im signed in as johndoe, and im stuck. help?

ghost's avatar
ghost 17 years ago

Remove the <i></i>

ghost's avatar
ghost 17 years ago

where the hell is administrator.txt I cant find it

ghost's avatar
ghost 17 years ago

dont forget to metion that johndoe is case sensitive cuz i spent forever trying to login as Johndoe >.> good article though really loved it

ghost's avatar
ghost 16 years ago

if anyone could explain how to get to administrator.txt or why this JavaScript injection doesn't work:

javascript:void(document.cookie="AuthID=*******");

i would really appreciate it and if you could pm me i'd fall in love with you:D

ghost's avatar
ghost 16 years ago

if anyone could explain how to get to administrator.txt or why this JavaScript injection doesn't work:

javascript:void(document.cookie="AuthID=*******");

i would really appreciate it and if you could pm me i'd fall in love with you:D

ghost's avatar
ghost 16 years ago

i wasn't sure wat to do i found administrator.txt then thought i should try cracking but just to make sure i was on the right track i checked this. thanks alot i think this is a good in-depth article:)

ghost's avatar
ghost 16 years ago

i know everything. but i dont know java :( can anybody tell me where to inject that java injection? if possible :)