Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Realistic 13

  1. Home
  2. Articles
  3. HBH Challenge Tutorials
  4. Realistic 13

Realistic 13

By grabhack avatargrabhack | 11118 Reads |
0     0

For those who are still stuck at this mission, a complete guide by ~ grabhack.

The most confusing part of this challenge is what to do with so many hashes, well you get it now.

###Missions to accomplish###

1)Find two important directories (application & log). 2)Find a hidden image(~hash) called security key. 3)Crack application. 3.1)Get username. 3.2)Decode password. 3.3)Find uid hint & format. 4)Log in as admin 4.1)Change admin password. 4.2)Change current projects. 4.3)Remove the logs. 4.4)Enter security key.

###Guide to missions###

1)Notice a special character in url when you click on links.Now the most common dir for storing applications (passrecovery).Now other directory, in which something is to removed.

2)Within source code you get that image(~with text in it).

3)Once you get the app. open it in olly, right click and search for ->All referenced strings.And search for following :

3.1)You will get all usernames within that application.

3.2)The passwords corresponding to them, well they needed to be decoded. [hint]decode format is eg. 99 is c. ( search for ascii codes. )

3.3)Got the format of uid, well don’t forget to remove them. For hint1 just google it & for hint2 prefer wikipedia. [hint]fish v/s ape.

4)Now you got two admin, [hint]I love noodles.. ################################################# for all the following mission completion you must get a bold confirmation message and you also get log out after attempting anyone of them. #################################################

4.1)Don’t forget default old password overtype.(that’s what i missed.)

4.2)Change current projects. (~refer mission briefing.)

4.3)Well it looks difficult, but not so, see source code and you get to know that you don’t need any commands.[hint]just give the path.

4.4)Ya its difficult, sure its a hash and that to common. [hint]no need of capitals. [hint]its a security key, so brute force it with smallest charset.(10)

###one hidden mission### [hint]that’s why it is written.

Always Keep Smiling!

Comments
grabhack's avatar
grabhack 14 years ago

@ MoshBat : The shit at the bottom is My SIGN…do u have any problem on that! And i don't think that this article is badly written.Every Part to be covered in that challenge is explained in stepwise manner!:(:o:( I haven't expected such a comment from U!

techb's avatar
techb 14 years ago

lol