Basic 12

hey could someone pm me what i have to put in the url to view the file ive tried so many variations and its just not happening thanks

Alright, go to the challenge. check out the URL. notice the GET arguments in the URL. Now do a little googling on directory protection and .htaccess and .htpasswd files and you will have no problem figuring out this challenge.

ok bruda ill try again i may need some more hints so dont die on me

i`m stil missing something! ive read up on all 3 of those and stil i cant access it are there any specifics u have to have in the syntax

No there is not, make sure you understand how the .htaccess file works. check out the protected directory. and the URL that the challenge is on.

If you need to check up on GET variables. Just do this.

Go the challenge 12, look at the URL you will notice some stuff. Click on the protected directory you should be prompted for user and pass just click cancle. check out the URL again you should notice something. now use that something in the main challenge page's URL with the directory protection file and you should be able to figure it out. lol

so i know the directories called protected from that

eezy_1, PM me with what you're trying, or add me on MSN, end3.r@hotmail.com end3r

he should not need any more hints, if he is on basic 12 he should understand this. and if he says he has read up on .htaccess he should understand that part to. only other thing i can say is local file inclusion

rofl, smacks Skarecrow way to give the answer away

hahahahah!! i was so close!! thanks man

What are you talking about nights_shadow :P muhahaha

thats not the answere lol, shut up before the admins raed it.

lol, you can't be sneaky when posting things like this, you got the legions of users who'll be more than happy to report you for suck-up points.

jeez i wanted to go over it once more i only read through it breifly now its gone

Yep, those do go fast *waits for Skarecrow's warn level to go up

i removed it, i shouldnt have posted it in the first place. lol you know how to do it and should know how from what i have posted before that spoiler

jeez i wanted to go over it once more i only read through it breifly now its gone

hahahahah!! i was so close!! thanks man

eezy_1 wrote: hey could someone pm me what i have to put in the url to view the file ive tried so many variations and its just not happening thanks

Try to redirect or include the file i.e"/.php?page=***

Try to guess the file .htp****d

if you couldn't : <<??H1~7::"ht in .ht**** can be removed::H1~7??>>* I THINK THAT WAS A BIG HINT….:D

An appropriate representation of the requested resource /challenges/basic12/index.php could not be found on this server.

lol… :angry:

not sure how to use cain and abel… I used JTR and that didn't work so welll… so then what did I do…. I used google…

u need a good wordlist for JTR

google for wordlist

there are many articles

Cain can't crack DES, i have a 250mb word list and it couldn't crack it… i left it BFing for over 2 hours and it ddnt crack… is it a really obscure word or something?

I have found and cracked the user (u******a), and but it doesn't accept it. Am i wrong? If I enter it as username then what should I type in the password textbox?

it gives u the pass and username once u crack the hash… if i remember correctly

i beat that level just after I posted in this topic. Sorry to be a novice :D

• Tip for who has not enough time to crack the hashed password: To find the password, you can GOOGLE it (w!k!p3d!a has a gr8 sample for hashed passwds)B)