Real 15 Noob 2 Noob
Real 15 Noob 2 Noob
ghost | 8986 Reads | Terrorists! Wolfmankurd has sent you a link to a terrorist site he just hacked! Go take a look!
You MUST have popups enabled to be able to complete this challenge. Please enable popups past this point. Difficulty: Hard
Objectives :- *First contact with Wolfie *Discover plans *Secret Mission 1 *Logged into shell *Deleted content *Secret Mission 2
Oki doki the first objective on the way…do the obvious thing (web basic 1 style)
Second objective discover plans … ooppss
For the third objective view the message that was written when you completed objective 1, said something about logging in as the admin think for a while what would change if you were the admin. Got it!!! Alright then, view that file.
When you would view the file what you would be looking at is a python code, don't worry no knowledge of python is required to crack this code..just look at the code as if it was JavaScript (LOL.. Sorry for the comparison “Python God”) Think logically, analyze the code (don’t over think)
Since i forgot about the hash you may do so.
The link you got from the code would have a link to another place, click on it…
You’ll see a message:- Greetings, I have removed the admin login because of security reasons. However the shell to this server is still intact.
Naah this isn’t the secret mission but we are close enough.
Click on the link… oopsi password!!! … (JavaScript basics again)
You’ll get to a location which reads.. Soviet Remote command execution device Choose the third option from the drop-down menu and press send command. Password asked again???…Enter what you got previously
Secret mission 1 completed
hhhmm.. Some error message appeared in red. Something about the shell.php Well try it out.
Logging time out!!!
There are many honey pots in this challenge…
This isn’t the right shell and you have to spoof your way too..
The shell path and the referrer are same… Hint: use a rFERERsPOOFERleet Fourth objective completed
Once in the shell our next objective is to delete the contents Caution: this is an emulator so every command would not give you the desired result
Do what the objective says… Type the command to attain privileges to delete a file.. Type the command to display the files
If you don’t know what file to delete, make a note that html files should not be public.
Type the command to modIFY the file Remove the file Fifth objective complete
Caution: People using web developer ff please check that the META redirects are not disabled because after each command the URL will change, except after the ls command.[Happened with me]
After the remove command, do a ls to view the files and enter the command to run the report script report****.*h After the script runs, it would redirect to give you the points.
The message would read "You have not completed all the objectives go back… " Write down the link.
Well we haven’t completed the sixth objective, for that go to the root of the real15 challenge there you would find a very IMportant information…that’s it… all done.
Write back the URL we noted down to add your points…
I-O-W-A 17 years ago
i cant find the 3rd objective lol aside from tht its helped me loads so far nice artical
richohealey 17 years ago
'twas a good article.
Because I got a mention!!! YAY!!!
but… it was a big ball of spoilers. at least they're reasonably well concealed.
i'll rate it good.
ghost 17 years ago
@richohealey Sorry for the comparison "Python God", Thanx For The Appreciation…..
ghost 17 years ago
Great article. I finally got it. Damn, it was hard challenge. I am glad it is over. :happy:
ghost 17 years ago
where is this script you talk about? report****.*h
i "ls" in shell and cant find it.