basic 12

Ok so i know i need to do some local file injection and i need to find the folder that is acsessed when i try to view protected but i need help with finding the folder and i know how to crack password hashes when i do the injection.

i know i need to do some local file injection It's a Local File inclusion vulnerability. there is no injection.

i need to find the folder that is acsessed when i try to view protected The 'folder' you're trying to access IS the protected directory.

i need help with finding the folder No, you need help finding the file in the directory/folder that's protecting it.

         Three little words "password protected directory"

Hi guys so this is my first time using JRT. I am trying to crack the password that was in one of the included pages for Basic 12 but JRT has been running for for 35 hours now…Is it normal for this challenge? Or am I doing something wrong? -Thanks!

eekster wrote: Hi guys so this is my first time using JRT. I am trying to crack the password that was in one of the included pages for Basic 12 but JRT has been running for for 35 hours now…Is it normal for this challenge? Or am I doing something wrong? -Thanks!

What??! Just use a simple dictionary! :o:o:o

Hey thank you so much, gobzi!

I was running JRT in the "default mode order" - ie just "john pass.txt" and it was taking forever (35+ hours!!!)

After reading you response, I downloaded a wordlist, ran JRT in wordlist mode and it cracked it in 1 second :)

Thanks again!