Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

SE (Social Engineering) 1-2


SE (Social Engineering) 1-2

By ghostghost | 9369 Reads |
0     0

Though there are two or so other articles on these challenges, I thought I'd post mine. I've got a few qualms with the other two and this will sort them out.

Social Engineering Challenge 1:

The bot, as you may have noticed, isn't programmed with very many responses. In REAL SE, you should definitely pay attention to what the person likes, but in this challenge you can forget it. Think about what you know about your best friends.

Possible spoiler It's a combination of two numbers

Qualm with the other tutorials- They tell you to disregard the sports and just worry about the Math and computers (the bot tells you he likes computers). Disregard everything about the bot's likes and dislikes.

Social Engineering Challenge 2

First off, forget about that Martha crap. You don't actually need any of her information (well, MAYBE her ID). You need to first view the file where DATA is stored. Now, at first, I was confused, but think for a second. Though you don't need that log crap for this challenge, here is an example: Logs are stored in http://website.com/index.php/logs.txt (logs.txt is just an example, there are logs in this challenge)… where is data? Now that you've found that, you should see the password folder. Get Mathew's password. I urge you to look at the passwords of the other users as well- they're kind of funny. If you don't know Mathew's username then you need to just stop right now and shoot yourself in the testicles (or ovaries). OK. Now that you're done shooting yourself, we can move on. At the login page, enter Mathew's username and password. The ID is also very simple. You see, one user's ID IS 78954631455, Martha's is 78954631456… what do you think Mathew's would be assuming he's next in line?

There you go. You've gotten all of his information. Now click userban and ban A-Logy. You're done. If it says you've done it wrong, just enter A-Logy again and retry.

I hope this helps and there weren't many spoilers. :)

Comments
ghost's avatar
ghost 18 years ago

Ihave a qualm (that right?) with your article, you ay on SE one to disregared all his likes and dislikes, that is wrong, (unless it has changed since I did it)

ghost's avatar
ghost 18 years ago

Well, I'll have to PM you about that one. You see, the likes are connected to the password, but you don't have to know at all that he likes math, numbers, sports, and computers to get the password. The questions you need to ask aren't related to those things at all.

ghost's avatar
ghost 18 years ago

Jesus christ, i posted this article a few days ago.

ghost's avatar
ghost 18 years ago

Yeah sorry… I did them and I had a few problems with the others so I wrote my own. Maybe this one will help people who think more like I do, but I don't know. You can never have too much coverage on a subject.

ghost's avatar
ghost 18 years ago

For SE2, I found the log file but there isn't any readable data except Admin Log, are we suppose to read the file in a hex editor or something like that ???

ghost's avatar
ghost 18 years ago

No, no hex editors. If you find something that's in code then you've found the decoy. Make sure you're viewing the right file. Remember: that example was for logs, but that doesn't mean you're supposed to view the logs. Go for the directory DATA is in, not logs.

Violex's avatar
Violex 9 years ago

I nearly gave up completely after an hour on SE2! This article really helped so much.

I knew the the ID has to be incremented but I thought EVERY integer had to be +1 so I thought - would 9 become 0 or 1? Thankfully, I've passed both now :)