Realistic mission 7
Hi everyone!
This is my first article on HBH and I have chosen Real 7 because there is no article about it so far. Now let's get started.
So, you need to hack the faculty's site, which means:
- find out the teacher's password,
- change his grades to A, B, C, C, A, A,
- change the system administrator's salary to $4,000 and
- get access to the admin folder, which is .htaccess protected.

You have the name of the student: Yoni Segel.
For starters, review the teachers page to see which teachers are employed, i.e. we need their usernames. It is very easy to find them from their e-mails. Next step, the passwords. View the details for any one of the teachers and notice the URL. It says something like http://www.hellboundhackers.org/challenges/real7/teacherinfo.php?action=name&&id=… So the action=NAME&&id== is a VERY interesting part, isn't it?
Now that you have the passwords from ALL the teachers (I repeat, from ALL the teachers), you can log in as the one that is the System Administrator (I will not tell you which one, you will have to work that out by yourself). But not so fast. We get a message saying:
You must come from the admin URL to view you control panel.
Next task, find the correct admin URL and edit your referer (try RefControl for Firefox).
Once you get the referer right, you are in. Next, try to work out a way to change the grades in the correct order (a local copy of the page or JavaScript would do just fine). Next, the easiest part: change the salary of the teacher.
Next, you need to get access to the ADMIN folder. You will need to look at all the pages to find the location of the hash with the password for the ADMIN folder (Basic 1 style) and then use an exploit to view it. TIP: It doesn't have to be a hash FILE. Use www.google.com to find out how Apache handles folder access and protection. The exploit is present on one of the main pages of the site. Once you have the hash, use JTR to crack it (no wordlists needed).
When you finally get the username and password, go to the admin folder.
No, it's not over yet. It says BECOME ADMIN is not completed. Now you need to do something to change your status to admin. What could that be? I'm off for a break now, for some tea and cookies, and when I come back I will finish this tutorial.
P.S. Sorry for my bad English, it is not my native language. And sorry if this article contains spoilers, I did my best to tell you just enough not to spoil the fun.
Bye now, Jonny Cage MACEDONIA
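The "You must come from the admin URL" check described above fails because the Referer header is supplied by the client. The following is an added example, not code from the challenge or from this article: it puts a Referer gate beside a session-based role check. ADMIN_URL, the account table, the role names and all function names are assumptions made for illustration.

```php
<?php
declare(strict_types=1);
// Added example. ADMIN_URL, the user table, the 'role' field and all function
// names are assumptions for illustration, not taken from the challenge site.
const ADMIN_URL = 'https://faculty.example/admin/'; // placeholder URL

// Weak gate: Referer is a request header, so the client chooses its value.
function refererGate(array $server): bool
{
    return ($server['HTTP_REFERER'] ?? '') === ADMIN_URL;
}

// Server-side login: the role is copied from the server's own record after
// the password is verified, never from anything the client sends.
function login(array $users, string $name, string $password): array
{
    $rec = $users[$name] ?? null;
    if ($rec === null || !password_verify($password, $rec['hash'])) {
        return [];
    }
    return ['user' => $name, 'role' => $rec['role']];
}

// Hardened gate: decide from session state only.
function sessionGate(array $session): bool
{
    return ($session['role'] ?? '') === 'sysadmin';
}

// Constructed accounts and requests.
$users = [
    'teacher1'  => ['hash' => password_hash('constructed-pw-1', PASSWORD_DEFAULT), 'role' => 'teacher'],
    'sysadmin1' => ['hash' => password_hash('constructed-pw-2', PASSWORD_DEFAULT), 'role' => 'sysadmin'],
];
$cases = [
    'teacher, Referer set by hand' => [['HTTP_REFERER' => ADMIN_URL], login($users, 'teacher1', 'constructed-pw-1')],
    'sysadmin, Referer stripped'   => [[], login($users, 'sysadmin1', 'constructed-pw-2')],
    'wrong password, Referer set'  => [['HTTP_REFERER' => ADMIN_URL], login($users, 'sysadmin1', 'guess')],
];
foreach ($cases as $label => [$server, $session]) {
    printf("%-30s referer gate: %-5s  session gate: %s\n", $label,
        refererGate($server) ? 'allow' : 'deny',
        sessionGate($session) ? 'allow' : 'deny');
}
```

The Referer gate allows the first and third constructed requests and denies the real administrator whose browser sends no Referer; the session gate allows only the administrator.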
ghost 18 years ago
Nice article, however there was an article on it already :D though I wish I had this one when I did it 5 / 5
What_A_Legend 18 years ago
There is already an article on this mission by System_Meltdown, but still a great little article. I hope to use it soon for real 7 :D
jonny_cage 18 years ago
Thank you all for your support. I haven't noticed that there was another article for this mission. Nice article, system_meltdown, I appreciate your work.
SerbiaHacker 12 years ago
This is really annoying me… I can't find the password… and where to put: "from ALL the teachers"??