Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Real 7 Admin folder

  1. Home
  2. Forum
  3. Realistic
  4. Real 7 Admin folder

ghost's Avatar

ghost

0 0

This is my first post ;)

I did ALL of the other checkpoints but I'm working on gaining access to the admin folder. I know where's the admin folder and what I can exploit. But I'm having a hard time thinking and trying to peek the fck into the password file. Here are what I have done so far. None of these worked. …=an/.tss …=/h*/n***/.tss …=/h***/n***/a****/.tss …=/h***/n***/p*****_l/.tss …=.ts*s

I tried the filename .htaccess as well. Why am I going wrong?


ghost's Avatar

ghost

0 0

your close but the challenge is abit buggery. in the challenge there's no '.' in .htaccess and this think there's another spelling mistake. Check the other thread because i think one or two discuss this bit in detail.


ghost's Avatar

ghost

0 0

Why, why, WHY THE F*CK everyone else can find the password hash????? It's goddamn difficult for me to think of misspells! English is my native language! (Although I live in Japan ;) ) Can somebody tell me which part of the path is misspelled?


ghost's Avatar

ghost

0 0

Add me to the list! cant go beyond "not found" part. Have tried all the possible combinations. None is working!

I wonder if that is the reason this challenge is marked as "HARD", :P


ghost's Avatar

ghost

0 0

If you have access to an apache server, look into the directory that /public_html/ is in. Somewhere in there will be a directory that you can follow to find the correct file. ;]


ghost's Avatar

ghost

0 0

Well i have tested (in addition to what Squirrel has already mentioned), the following combinations:

/h***/n***/.pd/ /h/n**/.pds/ /h/n**/pd/ /h/n**/pds/ /h/n**/pd/ /h/n/p******ds/ … and so on and on… to no avail. I do know where apache normally stores those files, :)

[EDIT] OKKKKK, i have completed it, yippieeeeee!


ghost's Avatar

ghost

0 0

AHHHHHHHHHHHH!! ANOTHER ONE PASSED THIS !@#$ING MISSION!! WHY? WHY? WHY? WHY? WHY? WHY? WHY? WHY?


ghost's Avatar

ghost

0 0

PM me man, mine was a freaking spell mistake… will let u know..


ghost's Avatar

ghost

0 0

OK got it. Thanks.


ghost's Avatar

ghost

0 0

ar, i cant get this one either….a little help with the spelling flaw


Flaming_figures's Avatar

Flaming_figures

Member
0 0

alright, big question. It is looking for the directory with multiple passwords. Now I don't know if this is true- but it looks that way :P If the mission creator is looking at this- why did you make it like that….? and does anyone else know?:::::::oh ya, and if that is too revealing, tell me and I will edit it as quickly as possible:::::::


ghost's Avatar

ghost

0 0

can i pm you what im trying and you can tell me if im atall lin the right direction?