ALL basic and javascript
ALL basic and javascript
OK THIS IS MY ARTICLE SO RATE IT IF YOU LIKE IT OR IF YOU DONT
—+BASIC+—
Basic 1: ok this one is very simple you should know how to do this if you dont, well why not right click the page and see what you can view
Basic 2: this is an iframe (as im sure you can tell) you need to find out where the iframe is reading from so why not view the source? remember the “..” makes it go back a directory
Basic 3: ok for this you need to have firefox if you dont have it GET IT! a user agent tell what browser you use there is a way to spoof this why not look for a plug-in?
Basic 4: ok so the file isnt found in basic4. well sometimes people type in the dark and they cant really see their number keys they might have put the file in the wrong directory
Basic 5: Asterix-Project could have something to do with an Asterix why not try it? o is that an error?
hint:the asterix is a wild card in this php script maybe it will work with the login
now just to find out how Unix stores passes
Basic 6: ok so this is Unix so u need unix commands but first you need to find out where the LOGS might be stored dont forget the $
Basic 7: well he made a ASCII encryption? well i wonder wat that is? HINT: 01100101 well we need to encrypt our username wonder wat that is? well here is an article to help you out http://nexodyne.com/archive/index.php?t-14736.html now u need to void the right cookie and dont forget to refresh dang not done yet now we need to learn sql injection well i went ahead and got you an article http://www.securiteam.com/securityreviews/5DP0N1P76E.html
Basic 8: well mess around with the page try a password o wat is that? an sql error hmm looks enteresting we might need that later ok well how would we use this? o well why not check the source? ooo thats interesting dont understand it? well something like it is on the URL of like almost everypage of this site ok now to use the sql error we found if u do it right u will get the pass
Basic 9:ok well u can search the files sorry the * doesnt work here :P well i wonder where the files are stored… found it? good well now u want to trick the machine to give you information bout the script that you shouldnt have so go google about poison null byte
Basic 10: well you are FORBIDDEN to view this lol so why not view the source? whoa wat is that? well find out how to spoof IP’s
Basic 11: well this takes us back to basic 3 why not have a look at some of the other user agents
Basic 12: well you cant see the protected folder so why not have a look around the page u can see. wait does that say wat page its showin us?! awesome well why not try to view the page you want to see hmm that didnt work well u might want to figure out how to access a page well that takes you to another page go there wait its an DES encryption so use JTR with a wordlist it will be cracked in no time
Basic 13: well ok so u have to log in as George but he isnt on the list so u have to change the list so download the source and do wat u have to. still not workin? well then its time for you to take ACTION
Basic 14: well this is sort of back to basics lol try viewin the source. you should kno wat to do from there
Basic 15: hmm maybe these are gettin easier? try viewin the source and find wat u need to
Basic 16: suddenly i cant stop thinking of Basic 7
—+JAVASCRIPT+—
JS 1: this one is easy try viewin the source and u should kno wat to do
JS 2: WAIT! dont click the link i wouldnt want you to get trapped in a loop ok well i only kno how to do this in firefox so use it now u want to view the source of the page without actually going to it HINT:view-source:URL so do you see where the JS is reading from? why not go there? do you see what i see? well there ya go
JS 3:ok well view the source. whoa thats alot of code that i see try decrypting it u should prbly kno the encryption see the text? well thats the user and pass so use them
JS 4: well if you kno xss this is really easy you need to alert the cookies but javascript:alert doesnt show the hidden cookie so try using some other kind of SCRIPT
JS 5: well first find out where the JS is reading from and go there then learn about the function it uses and if you have passed 1st grade math u can beat the rest
JS 6: well first view the source and see where it will take you if you get it right. well add already :P
JS 7: well if you get it wrong u have to go bak this sort of reminds me of JS 2 well now u have the source so save it and make it alert wat u need
JS 8: ok first this is the only thing i do in IE i have had trouble doin this one in firefox ok well u see the encryption? well its a hex encryption so decrypt it o but its all gibberish well try it anyway wait is the source new? well i wonder wat the simplest thing u could do wit this is?
JS 9: well i guess its finally time to sit back and relax JK :P ok well save the source and find wat you need to change o but the pass doesnt work well i wonder wat all that encryption is ooo look a form well change where the form sends the info to and encrypt it and put it bak in the source
JS 10, 11, and 12: ok these are all really easy just make it alert wat u need it to
JS 13: not authorized? well wat checks authorization? void it
JS 14: ok well its just back up so this one is really easy jus go where u need to
JS 15: view the soure and learn abot the charAt function this one took me awhile even if u think u r doin it wrong u r probly doin it right
WELL THATS MY ARTICLE RATE IT IF YOU LIKE IT OR IF YOU DONT
ghost 18 years ago
Not bad, but honestly I'd personally prefer lots of articles explaining every challenge in detail rather than one that briefly summarizing each one ;)
ghost 18 years ago
yea well this is just to get peoples feet wet in each challenge without giving away too much but i kno wat ur sayin thanx for commenting :)
korg 18 years ago
Not to be a dick but all these have been covered more than once, twice so many times. We need new material in the articles and tutorials not the same thing over and over again. Just my thoughts. Nice job otherwise.
ghost 18 years ago
yea i know i just wanted to contribute even if it wasnt much at least its another article but im glad to haveur opinion thanx :)
What_A_Legend 18 years ago
the chalanges are not written in much detail, it wouldn't of helped me if i was stuck on these missions, but it was a good idea to combine all the challanges in one article :D
ghost 18 years ago
yea i was wanting one place where people could go without lookin for an article each time and i didnt want to give too much away:)
ghost 16 years ago
Thanks this article is proving useful to me, its not too much given away which is a spoil when people give too much info away. I prefer articles like this and you will learn more in my opinion trying to use your brain not by articles giving challenges in great detail this is perfect A1+++++ – very good hints enough to keep my appetite wet ;)
Legilimens 13 years ago
it's helpful if you have no idea where to start, but I generally prefer more detailed explanations
newbee 12 years ago
in js3 i got the username and the pass but when i click login then it just redirects me to the index.php of js3 .
darksage92 10 years ago
I tried changing the OS part of user agent to HellBoundHackersOS for Basic 11 but it did not work.