Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Basic Missions 3-7


Basic Missions 3-7

By ghostghost | 30219 Reads |
0     0

Basic 3 -basicly you need to have Mozilla firefox. Download it and also download the User Agent Switcher for Firfox. Then figure out how to use it by using the user it says is not valid.


Basic 4

-htpasswd.php is not found in basic 4…. put the htpasswd.php in the url at the end instead of index. Then try changing the number of the mission until you get the page.


Basic 5 -After looking around the source you see that * is a wild card(WD). The * replaces something you dont know. Which in this case is everything. Basic email add: Somebody @ Somwhere . Something Replace the . with a : instead and you only need to fill in the bottom passwd box with the email.


Basic 6 -What you need to do: …- chmod a file …- delete the logs …- delete another file First you need to know the file you are try to chmod…. ***/logs.txt. This file will give you the link to another file (the one you need to delete). Most unix cmds use a $ in front of them… for each box when you start out. For more understanding search Unix Commands in GOOGLE.


Basic 7 -Looking in the source gets you a name and a passwd in binary. Go and use javascript like so…. javascript:alert(document.cookie="username={the binary}"). After that use 1=1– in the passwd box. This should get you a good start.Then there are more steps to find out the correct passwd.

Comments
ghost's avatar
ghost 19 years ago

Were you tired of people asking help for these challenges because these were give-aways. Major spoilers to the levels.

ghost's avatar
ghost 19 years ago

true, does ruin the fun

ghost's avatar
ghost 19 years ago

yeah but i did get tired :@

ghost's avatar
ghost 19 years ago

Most unix cmds use a % in front of them… in this case replace it with $ for each box when you start out. For more understanding search Unix Commands in GOOGLE.

NOT TRUE.

ghost's avatar
ghost 19 years ago

600 reads. That only shows how many ppl need help on such easy missions.

ghost's avatar
ghost 19 years ago

damm okay 980 reads whoo! :p

ghost's avatar
ghost 18 years ago

1523 actually lol

ghost's avatar
ghost 18 years ago

Hey hack4u nice job,but don't get the Basic 6 ….where is logs.txt need some help here……Thx

ghost's avatar
ghost 18 years ago

OK…OK I got the log.txt & other php file …..What is all+execute??? …..r-w-x|r-w-x|r-w-x…..Is this what it mean?

ghost's avatar
ghost 18 years ago

And u said to use java on the last one, then gave the wrong command XD

ghost's avatar
ghost 18 years ago

I am also stuck on Basic 6, it is driving me MAD :@

Nice tutorial though

ghost's avatar
ghost 18 years ago

i swear i hav the right commands for basic 6 but it says "invalid command" can someone help if i pm them my commands i have written?

ghost's avatar
ghost 18 years ago

On basic 5 we really dont need to fill in the email right. Something like @:* for the username:password and * in the email field also does work. So hypothetically, would it mean that we are searching the database for an username and password and then after we found that we are searching another table for an email?

ghost's avatar
ghost 17 years ago

stop putting up this freaking spoilers! Holy shit.

ghost's avatar
ghost 17 years ago

:ninja::ninja::ninja:

ghost's avatar
ghost 17 years ago

No wonder you were banned…You kept spoiling the challenges…..Goodbye whoever you were =/ and don't come back if your just here to spoil everyone else's fun =/

ghost's avatar
ghost 17 years ago

what is the other php file,please PM me

ghost's avatar
ghost 17 years ago

basic 7 is still frustrating me wtf

ghost's avatar
ghost 16 years ago

Hey I thought it was a great tutorial…It did throw me of the track till is suddenly dawned on me…I was using all the possible javascript codes in alert but it supposed to be void correct injection for 7 is: javascript:void(document.cookie="username="(the binary for the user name)") Then all you have to do is replace (the bianary of the username with the actuall binary of the username. Good Site:http://www.yellowpipe.com/yis/tools/encrypter/index.php

Otherwise for Basic 7 Really good…I didn't use 3,4,5 or 6.:)

Abdellah's avatar
Abdellah 13 years ago

I spent 2 days on 6, if someone needs help feel free to PM me ;)