Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Real 11 Noob 2 Noob Spoiler Free...But Has Everything You Need


Real 11 Noob 2 Noob Spoiler Free...But Has Everything You Need

By ghostghost | 8636 Reads |
0     0

Real 11 Noob 2 Noob Guide With Visual Basic Code Snippet

We just got an email from a co-worker and here is what it said "This investment firm gave me bad information on which company to invest in, now im in the red! Can you delete the databases and all the pages, I’ll give you a cash reward. Difficulty: Insane!!

To delete the database we would need to be the administrator So who in the company is the admin? Let’s check out their staff list……

We’ve got 3 or more admins, why not try the head admin.

Jot down his name and it’s time to login

Well neither we know the Username and nor the Password…So what we gonna do??? Well do what you can View-Source / Sql Injection / View-Cookies / Forget Pass Link And OOOh the help link, yeah we sure need some help so lets click on it Take a look at the staff notice, Alright we have the Username but Password???

Okay we will give it a try…Username & a dummy Password…. WTF??? It locked you out…Gosh….

So… if it has locked the Username & Password box may be there is an attribute in the Source-Code that has disabled it, so lets save the file & change the value of disabled from true to false But hey!!! Look at the action field…..”Looks Can Be Deceptive"….lets view its source…

Okay we got the hash, now what?? Well if you cant answer that may be you should go and play counter strike and after you have done with it visit the following site:-http://gdataonline.com/seekhash.php

Now use the login Username & the cracked Password…..Ahaaa we are in…

So what was our mission (Yeah besides completing the mission for 150 points and taking the cash reward) deleting the databases and all the pages.

Click on the first link….

OMG!!! we have to return the random value * 2 under 1 second. Now if you are not one of the people’s from the TV-Serial Heroes we have to start coding…

Before that let’s try the other link as well Hhhmmmm something about decrypting the key through an application named ‘Keycheck’ and return that in 1minute, that’s quite humanly possible if only we had the key.

Think where could that “file” be, may be in some directory. Once you got the file open it.

Now go to the link again where the file was needed, try entering the random string into it

Click on check you’ll get "invalid key entered but why what happened?? Take a Break Kid This Challenge Isn’t worth 150 Points For Nothing.

Read the webpage again regarding the Keycheck application It said something about decrypting & the Keycheck application that we have has the button named Check…

It’s time to do application cracking….load Olly Debug

Search for all inter modular call and put a break point at StrCmp (Though it would produce the same effect with StrComp)

Just press the check button…Hhhmm..we see a Unicode value well change that Text To HEX, if you are having trouble, just keep the F9 key pressed till it passes the loop and you’ll see the Loooooong HEX value in the dump at the end.

Enter the value in the Keycheck application…Aah it greets us with “Welcome To Keycheck”

Now the button named Check has also changed to Decrypt, use this to decrypt the number and submit at the page.

Visual Basic Code:- In the VB’s component section, project—component Choose Microsoft internet controls

In the reference section, project—references Select Microsoft internet controls & Microsoft HTML object library.

Drag & drop the browser control and resize at will.

We will also need:-

  1. Command button
  2. Text box
  3. Timer

Enter the Textbox’s text as“http://www.hellboundhackers.org“ [Without the quotes] Make the timers interval to ‘2’ [Without The Quotes]

Double Click On The Command Button and enter the code to open the URL in the web browser Eg:-

webbrowser1.Navigate Text1.Text

Double click on the Form and enter the same code.
webbrowser1.Navigate Text1.Text [The URL in the text box will be opened when the Form loads]

You may build a routine or a function, I’ll give you the first few lines:-

Public sub HBH() Dim objDocument As HTMLDocument Dim str

Set objDocument = webbrowser.Document str = objDocument.documentElement.outerText

This code is setting a variable for handling HTML documents and then the text of the HTML document is stored in the str variable.

What you have to do is write a group of statement that filters that Number Part from the body of the HTML document. Use Instr(), Left(), Right()…That’s all you need

Okay so you filtered out the number, but how are you going to send that to the website??

First save that number Double it’s value & save it in a variable Eg. ‘num’;

Then do something like this str1=“http://www.hellboundhackers.org/challenges/real11/clients/backup.php?number=” & num webbrowser.Navigate str1 End Sub

Now to code the final part When to call??

We have to call our function/routine when the page having the random number appears… We Know Its URL… “http://www.hellboundhackers.org/challenges/real11/clients/backup.php” Double click on the timer Write the code to execute our HBH function/routine when the web browsers location is = “http://www.hellboundhackers.org/challenges/real11/clients/backup.php”

And you are done.

PS: If you encounter the message “You took too long or wrong number” Right click on the page and select back.

If after submitting using “Keycheck” application, you click on return to the Admin Panel & it shows “Page Not Found”

Look for the same page a directory down.

Rate It People…………………….

Comments
ghost's avatar
ghost 17 years ago

Just redid it with vb..thanx….i thought u would be using vb withCURl..but i was wrong..

ghost's avatar
ghost 17 years ago

Why the fuck do you capitalize every word. Over-use '…' and continue to abbreviate with R/U etc.

Also, your structure is shit. I need to complete this challenge but would rather not if it meant completion was after reading such a horrible article.

I would of declined this.

ghost's avatar
ghost 17 years ago

Thanx "Flash" In Future I'll Make The Structure More Presentable…. And For Capitalization Stuff … Just Personal Preference.

ghost's avatar
ghost 17 years ago

i was willing to overlook flash's harsh analsis and i gotta say…..im glad i did. The content is good and well worth the time it took to read but the presentation is a lil poor still.

SySTeM's avatar
SySTeM 17 years ago

This article would have been much better with normal capitalization and correct grammar, nice work though.

ghost's avatar
ghost 17 years ago

I've Read Flash's Comments on Different People In The Forums…. And What I Think Is That, He's A Person Who Is True To The Heart….

Though He Points Out The Flaws In A Hard Hitting Manner….But That's What I Like About Him…

@minermonk & system_meltdown Thanx For The Appreciation…

ghost's avatar
ghost 17 years ago

good guide. personally I don't like VB much, so I used javascript with greasemonkey in firefox, works pretty good.

ghost's avatar
ghost 17 years ago

@download I Tried To Do That With Javscript But It Always Submitted The Wrong Answer(Flawed Logic),So I Shifted To Ruby And Then Ported That Code To VB..

@SsAgEnT & download Thanx For The Appreciation…

Uber0n's avatar
Uber0n 17 years ago

A very complete guide, but as you've already said some grammar and capitalization errors should be fixed. Good work man.

ghost's avatar
ghost 17 years ago

@Uber0n Thanx For The Appreciation… Love Ur Cat….

ghost's avatar
ghost 17 years ago

@Uber0n Thanx For The Appreciation…

ghost's avatar
ghost 17 years ago

This Getting Pretty Ugly:D:D

ghost's avatar
ghost 17 years ago

nice article. helped me alot after the keycheck part (i was already here when i read this).

  • Jimmy

ghost's avatar
ghost 17 years ago

Thanx James For The Appreciation

ghost's avatar
ghost 17 years ago

This article is AWESOME. I passed the challenge and got !!!150!!! points. I cannot be happier. Your article rules man. Peace.

ghost's avatar
ghost 17 years ago

Pascal Casing Modified After 700 Reads:@ @KaksiiCongrats :D & Thanx For The Appreciation

Hey Why Was Killstream's Comment Deleted??

ghost's avatar
ghost 17 years ago

Pascal Casing Modified After 700 Reads:@ @KaksiiCongrats :D & Thanx For The Appreciation

Why Was Killstream's Comment Deleted??

ghost's avatar
ghost 17 years ago

thanks man, this really helped, im so nearly there. also, i love all your other noob to noob stuff — a reference for the rest of us

ghost's avatar
ghost 17 years ago

This Article was awesome. I never would have finished unless i had read the last part about completing the challenge. I could not figure out why it kept saying "page not found"!! Thanks man, and Great article :ninja::ninja::ninja: