Real 13

I found the 15 keys.I try to put it in the recovery.php, for 14 key he said: "Sorry you did not enter your recovery key!" and for one key he redirect me to the index.php.

I found the hash ***************AED and crack it, I think that it can be the u but not sure.

is what i make is good ?

Can you help me ? a little…

thx

The UID's are found in a "file" located somewhere "hidden" on the website that hash that you have there will also come in handy but not for UID's

Ok thx, and for the recovery.php did i miss something or did i losing my time with this page ?

Is there any way to find the file beside guessing the directory?

The location of the file is in s fairly logical place. I am not giving a lot away because it is my challenge. But think and you will get it. look over what others have posted as well.

Pay very close attention to cubeman372's post… ;]

Ok now i have all the usernames and passwords but for the userid… I try to goolge it and find some (i think) but i can't login.

I read in some post, there is one user who can login in. I think it's y**** or r******* but for this one I'm not sure of the userid.

Can I pm someone with what i enter, and help me a little.

thx

I have a problem with hash cracking. I have program and all hashes but i only can crack 1 hash from 1 user. Do i have to bruteforce or ..?

There is a file located on the server which this is hosted which contains the userids. you have to crack the program to retrieve them though ;)

Umm I have file but I can't crack hashes. I can only crack pass from dgw*od and i have his userid but other hashes I can't.

Are the users and passes for the site the same as for the prog? I cracked one of the hashes that isn't accepted by the program for any user :d

But on the other, do we need to crack the prog ;)

all passwords are the same in the challenge ;)

I know you don't have to put username and pass in program to get userid. I have 20 or so hashes and i can crank only 3. So should i bruteforce them or smth else??