Realistic 5

Hey, im at the start. I have logged in with the Jdoe, and in the emails. But how do i go abouts getting BillSmiths cookie hashs?i know about javascript injection and alerting cookies, changing cookies, but uh, with this mission i alerted the cookie, and there is nothing except the fusion_user and stuff and the phpsessid.

Any help would be appreciated

um, ok. i read else where about decrypting the encrpyted css files. But what kind of encryption are they?

It isn't the file exactly, look at the name of the file.

Yeah, im having a look at the name of the file. But it doesnt mean anything to me atm lol. Could it be the hash's we need? or what?

okay in the file manager and i got to BilSmith and change the permision to 777 and it says ok … then i go to .txt file with the list of IPs. i use one of the (theres only 2 possible) and i replace it in the htaccess part. then it says go back to the main dir and see wat is the name to report someone downloading music…. am i on the right track cuz im lost on the reporting?

Im not even that far lol B)

hack4u wrote: okay in the file manager and i got to BilSmith and change the permision to 777 and it says ok … then i go to .txt file with the list of IPs. i use one of the (theres only 2 possible) and i replace it in the htaccess part. then it says go back to the main dir and see wat is the name to report someone downloading music…. am i on the right track cuz im lost on the reporting?

OK , me 2 . I changed permission and IP successful . But next , I don't know what must I do . I went to the main page , there's nothing I can find ?

Hey that makes 3 of us :(

yeah well wat would helop would be an answer to this damm thing

I've searched the whole thing over and over again, but I can't seem to find an option on how to report someone? Or do we have to use some sort of php-injection with a specific file?

Any clues on how to get 2nd email?

okay well i found the rpr*.php and it says that

We could not send you report due to the following reasons

The member does not exist or is not an administartor

so wtf?

hmm i wonder what filename that could be hack4u rofl.

yeah thanx but i think people already knew about that so im kind of just looking for wat to do now ;)

hack4u wrote: yeah thanx but i think people already knew about that so im kind of just looking for wat to do now ;)

you read my mind :)

I'm guessing, void those cookies :p but I'm not sure.

Okay so I have been working on this one for a while and I seem to be stuck at where everyone else is stuck so if anyone can drop us a hint that would be great. I have done the chmod and changed the ip back and then I'm supposed to go back to the main dir and find the user who has been d/ling the music?

This sentence doesnt make much sense to me……

"Then you need to view the main directory of eBussNet and see what is the name to report a user that has being downloading illegal music."

I have found where to report this user but I get an error that says something about not being a member or admin……

any ideas?????

aVoid

Well, alright, the person we want to report is BillSmith, right? Because he has the illegal d/l directory, so we want to report him then? Well, did you guys/girls check the source to see where that reported file is going (being sent to)?

well report.php is the result of filling out the form and i havent found the form to fill out. If someone could help me out there.

Check the source for a possible commented out part in the "hidden directory."

do you mean the ********ry tag?

I tried that but it gave me the same error as when I just view it directly.

Hmmm, I have done everything but I don't know what it means by what is the name to report a user? When I try I get an error telling me I'm not an admin htough EDIT: Do I have to login as someone else? sanderson?