Realistic 5

Realistic 5

By ghost | 12002 Reads |

0     0

This is my first article, so I hope it’s decent and helpful. Let me know if I’m giving away too much. I don’t want to spoil the mission for anyone.

Details:

Hey, Grindordie told me that you where good at hacking so I need you to do me a favor. My boss BillSmith is very selfish and he is downloading illegal MP3s from Kazaa. So I need you to report him. To do that you need to show this guy S. Anderson (sanderson) that the real admin BillSmith is downloading illegal mp3 music from kazaa so in order to do that you need to get BillSmith’s password. (Note: you will not be able to log in as BillSmith) After you need to check your email and replace your cookies with Bill Smith’s one and read his email, I believe he just made web folders. You must see where the BillSmith’s folder is and change his permission to “Read All” but in numbers like 775. After you did that you need to cover your logs by accessing the .htaccess file and replacing your IP with the old one. Then you need to view the main directory of eBussNet and see what is the name to report a user that has being downloading illegal music. By the way my username is Jdoe and my password is trebuchet Good Luck, John Doe

Now, as I was reading articles and forum posts, I realized that there were a couple of steps that everyone said had to be done, but I was able to do this mission a different way. First, I’ll list the objectives, then the things that you actually can skip.

Ok, so what do we have to do?

Report BillSmith’s illegal downloading of mp3’s to Sanderson, an admin.

Objectives:

1. Log in as Jdoe with the pass trebuchet
2. Somehow view the email
3. Change BillSmith’s folder to “read all”
4. Covering the tracks by replacing your IP with the old one.
5. Send the report to Sanderson

Now, I will explain each step in more detail further down, but let me first tell you what you can omit from this mission, despite whatever you read in the forums.

-Cookie editing/Javascript injections -getting BillSmith’s password

Okay, now to the core of this article.

Objective 1: Well, let me just say that if you can’t get past this one, you may want to consider a career in fast food.

Objective 2: Ok, so now we’re logged in as Jdoe, and we want to view BillSmith’s email because it’s going to tell us where the new folder or directory is that will allow us to complete the other objectives. So, let’s click on ‘check email’. But wait, we can’t do a damn thing in here! Well, when stuck, view the source. Ok, so now we see that this email page is actually a frameset of two pages, 1.php and 2.php. Why don’t you view each page’s source and see if there’s something that can push you in the right DIRection….maybe something like jd**_*. Oh, well look at that, we made it to a directory. And look carefully at the directory’s name….maybe there’s another name we can use instead of jd to view a different directory… Wow, that was convinient, a bit too convinient, but let’s continue. Alright, now we see some of the same files that were in the jd directory, so what’s different? Well, what are we wanting to do? READ BillSmith’s email. Hmm, is there a file in this directory that might allow us to do that? Hint, if you don’t get me, just open every file, lol Ok, now we have the email. Make sure to read it carefully, because it gives you the name of the new folder that you need to complete the rest of the mission. Important!: You must view the email before you can access the new directory, because I think it sets a cookie for you. If you get this far, then quit and pick up another day, if you try to access the folder that was mentioned in the email, you’ll get an error message. To avoid this, view the email again.

Objective 3: Ok, so now we have the name of the new folder, so let’s go find it. Once you get it, we are taken to a page that has tables with a list of usernames in it. Well, since we know what we have to do (change BillSmith’s folder to “read all”), click on BillSmith. Now here, you have to provide the right number to set his permission to read all. *Hint, if you are stuck, refer to the mission details. He said it was something like 775…so just try from there plus or minus. You’ll get it sooner than you think. So, we have now made BillSmith’s folder “read all”.

Objective 4: Now, we need to cover our tracks. Well, we can do this with the .lastaccess page. So, click it. Now we see a textbox with your real ip in it, and we want to replace that with an old ip. Maybe there’s a log file that has an old ip in it When stuck…view source. Ok, so now we have the list of ip’s. Hmm, can you guess which one you should use? If not, sing this song: “Which one of these things, is not like the other?”…lol. Alright, now we have changed our ip. Time to report this mp3 stealer.

Objective 5: This is the hardest part, or at least was for me. You have to find the page that allows you to report someones activity, so let’s begin. Now, if you didn’t already, take note of the source in the directory that you should still be in. There might be something usefull there that can tell you where the page you’re looking for is. Got it? Now, this is where my hair pulling/massive headaches came, so I’ll try to help out as much as possible without ruining it for you. Look at what is at the top of the table in this directory, “Please use the a*****s”. Now, look at your clue and see if it reminds you of anything.. *hint: analyze this carefully: “?action”=“members”. Maybe we can take our clue and make it allow us to view the directory of Real 5…So let’s do that. Now, you’re probably in the same directory still (the one where you completed obj 3 and 4).If not, go back because this will help you. So, with our clue, let’s try an execute some simple actions. If you’re stumped, think about what you want to do…you want to view the complete directory of Realistic 5, and we are in one directory down. Maybe there’s a command that will allow us to change the directory to one level up? Helps if you’ve beaten the rooting challenge Hey, we got it! Now we can see the name of the page to report someone’s activity, so let’s go to it. Now, after you input the information, click the submit button. Did you get this?:

We could not send you report due to the following reasons

1. The member does not exist or is not an administartor

When in doubt, view the source. Oh, I guess there’s a value that tells where (or to whom) the form should be sent. Well, since we’re reporting BillSmith, it’s stupid to send him the report of himself, so maybe there’s another guy we can think of to send it to. Hint: maybe we can save this form and make changes to the source so it does what we want. Oh, and be mindful of capitalization. Just one last tip for filling out this form: the company that BillSmith is stealing from is Kazaa (as noted in the details), and he’s downloading mp3’s. Also, the description is not necessary.

If you have entered in everything correctly, you will be given a link. Click on it, and 50 points. If you get a message saying something like: you need to complete every part“ (or whatever), redo the mission, then send it again.

My thanks goes out to everyone who has helped me complete this mission. I hope this article helped you out. If not, don’t give up.