Hacking puzzle

Thread: Hacking puzzle

  1. TKay's Avatar

    TKay said:

    Default Hacking puzzle

    Yet another one:



    [Only registered and activated users can see links. ]

    --
    The hardest thing in this world is to live in it
     
  2. Spectracide's Avatar

    Spectracide said:

    Default

    Made it to level 2
     
  3. Gavin M's Avatar

    Gavin M said:

    Default

    my m8 on icq showed me a page similar to that he got threw the hole thing with no problems i'll give him the link and see what he can do
     
  4. bridger's Avatar

    bridger said:

    Default

    Yup - got to level 2 myself - and Im stumped - suggestions plz?!
     
  5. Nookie_Bear's Avatar

    Nookie_Bear said:

    Default

    Got stuck on level 4.

    Decompiled the java, but still none the wiser, no idea where the file it reads is comming from.

    TBH should be working, but prob. could crack it given the time
     
  6. Nookie_Bear's Avatar

    Nookie_Bear said:

    Default

    Originally posted by bridger
    Yup - got to level 2 myself - and Im stumped - suggestions plz?!
    Think how the password is stored, and how you might be able to view where it is defined.
     
  7. Fett's Avatar

    Fett said:

    Default

    Level 4 has me stumped

    As for your level 2 problem maybe you will have a flash of genius and work it out.
     
  8. Fett's Avatar

    Fett said:

    Default

    Nookie_Bear that text file you have posted is not the decompiled code . Thats why you are so puzzled . Heres the code . You will defintely work it out now


    import java.applet.Applet;
    import java.applet.AppletContext;
    import java.awt.*;
    import java.awt.event.ActionEvent;
    import java.awt.event.ActionListener;
    import java.io.*;
    import java.net.MalformedURLException;
    import java.net.URL;
    import java.util.EventObject;

    public class PasswdLevel4 extends Applet
    implements ActionListener
    {

    public PasswdLevel4()
    {
    inuser = new String[22];
    totno = 0;
    countConn = null;
    countData = null;
    inURL = null;
    txtlogin = new TextField();
    label1 = new Label();
    label2 = new Label();
    label3 = new Label();
    txtpass = new TextField();
    lblstatus = new Label();
    ButOk = new Button();
    ButReset = new Button();
    lbltitle = new Label();
    }

    void ButOk_ActionPerformed(ActionEvent actionevent)
    {
    boolean flag = false;
    for(int i = 1; i <= totno / 2; i++)
    if(txtlogin.getText().trim().toUpperCase().intern() == inuser[2 * (i - 1) + 2].trim().toUpperCase().intern() && txtpass.getText().trim().toUpperCase().intern() == inuser[2 * (i - 1) + 3].trim().toUpperCase().intern())
    {
    lblstatus.setText("Login Success, Loading..");
    flag = true;
    String s = inuser[1].trim().intern();
    String s1 = getParameter("targetframe");
    if(s1 == null)
    s1 = "_self";
    try
    {
    finalurl = new URL(getCodeBase(), s);
    }
    catch(MalformedURLException _ex)
    {
    lblstatus.setText("Bad URL");
    }
    getAppletContext().showDocument(finalurl, s1);
    }

    if(!flag)
    lblstatus.setText("Invaild Login or Password");
    }

    void ButReset_ActionPerformed(ActionEvent actionevent)
    {
    txtlogin.setText("");
    txtpass.setText("");
    }

    public void actionPerformed(ActionEvent actionevent)
    {
    Object obj = actionevent.getSource();
    if(obj == ButOk)
    {
    ButOk_ActionPerformed(actionevent);
    return;
    }
    if(obj == ButReset)
    ButReset_ActionPerformed(actionevent);
    }

    public void destroy()
    {
    ButOk.setEnabled(false);
    ButReset.setEnabled(false);
    txtlogin.setVisible(false);
    txtpass.setVisible(false);
    }

    public void inFile()
    {
    new StringBuffer();
    try
    {
    countConn = inURL.openStream();
    countData = new BufferedReader(new InputStreamReader(countConn));
    String s;
    while((s = countData.readLine()) != null)
    if(totno < 21)
    {
    totno = totno + 1;
    inuser[totno] = s;
    s = "";
    } else
    {
    lblstatus.setText("Cannot Exceed 10 users, Applet fail start!");
    destroy();
    }
    }
    catch(IOException ioexception)
    {
    getAppletContext().showStatus("IO Error:" + ioexception.getMessage());
    }
    try
    {
    countConn.close();
    countData.close();
    return;
    }
    catch(IOException ioexception1)
    {
    getAppletContext().showStatus("IO Error:" + ioexception1.getMessage());
    }
    }

    public void init()
    {
    setLayout(null);
    setSize(361, 191);
    add(txtlogin);
    txtlogin.setBounds(156, 72, 132, 24);
    label1.setText("Please Enter Login Name & Password");
    label1.setAlignment(1);
    add(label1);
    label1.setFont(new Font("Dialog", 1, 12));
    label1.setBounds(41, 36, 280, 24);
    label2.setText("Login");
    add(label2);
    label2.setFont(new Font("Dialog", 1, 12));
    label2.setBounds(75, 72, 36, 24);
    label3.setText("Password");
    add(label3);
    add(txtpass);
    txtpass.setEchoChar('*');
    txtpass.setBounds(156, 108, 132, 24);
    lblstatus.setAlignment(1);
    label3.setFont(new Font("Dialog", 1, 12));
    label3.setBounds(75, 108, 57, 21);
    add(lblstatus);
    lblstatus.setFont(new Font("Dialog", 1, 12));
    lblstatus.setBounds(14, 132, 344, 24);
    ButOk.setLabel("OK");
    add(ButOk);
    ButOk.setFont(new Font("Dialog", 1, 12));
    ButOk.setBounds(105, 156, 59, 23);
    ButReset.setLabel("Reset");
    add(ButReset);
    ButReset.setFont(new Font("Dialog", 1, 12));
    ButReset.setBounds(204, 156, 59, 23);
    lbltitle.setAlignment(1);
    add(lbltitle);
    lbltitle.setFont(new Font("Dialog", 1, 12));
    lbltitle.setBounds(12, 14, 336, 24);
    String s = getParameter("title");
    lbltitle.setText(s);
    ButOk.addActionListener(this);
    ButReset.addActionListener(this);
    infile = new String("level4");
    try
    {
    inURL = new URL(getCodeBase(), infile);
    }
    catch(MalformedURLException _ex)
    {
    getAppletContext().showStatus("Bad Counter URL:" + inURL);
    }
    inFile();
    }

    private URL finalurl;
    String infile;
    String inuser[];
    int totno;
    InputStream countConn;
    BufferedReader countData;
    URL inURL;
    TextField txtlogin;
    Label label1;
    Label label2;
    Label label3;
    TextField txtpass;
    Label lblstatus;
    Button ButOk;
    Button ButReset;
    Label lbltitle;
    }
     
  9. Nookie_Bear's Avatar

    Nookie_Bear said:

    Default

    cheers m8, got it no bother with that!

    These cheap 'demo' decompilers!
     
  10. xdam's Avatar

    xdam said:

    Default

    im still stupmed on 2
    [Only registered and activated users can see links. ]
     
  11. Panda's Avatar

    Panda said:

    Default

    xdam,

    You have pm.

    This site is great fun - I'm about to start level 9
     
  12. xdam's Avatar

    xdam said:

    Default

    thanks mate
    [Only registered and activated users can see links. ]
     
  13. Fett's Avatar

    Fett said:

    Default

    Level 9 is going to their IRC channel and hacking the BOT .

    I have no clues about hacking etc . Id probably just see what bot there using and try find an exploit .

    I havent had a proper look at level 5 yet .

    Also xdam at first I thought the answers could all be found just within the site basicly , you need tools etc. Dont worry you will work it out (Hurry please and help me on level 5)
     
  14. mark1984's Avatar

    mark1984 said:

    Default

    can someone please point me in the right direction for some tools or some help to get past level 2.

    Thanks
     
  15. Fett's Avatar

    Fett said:

    Default

    *HINT* What does the page use to generate the password box?
     
  16. Panda's Avatar

    Panda said:

    Default

    Fett,

    To do level 5, you need to do what you helped Nookie_Bear do on level 4 (although you didn't need to do in then ). You will have major problems getting the right tools, but when you give up, I have what you need
     
  17. Fett's Avatar

    Fett said:

    Default

    Hi panda

    Ive decompiled the exe using an easy online VB3 decompiler.

    I have the files but cant for the life of me work it out . Ive never looked at VB code.
    Update: Worked it out the old fashioned way with pen and paper.
    Last edited by Fett; 26th May 2002 at 07:54 PM.
     
  18. Conkers's Avatar

    Conkers said:

    Default

    nah... I'm stumped on level 2 !
     
  19. Panda's Avatar

    Panda said:

    Default

    For all of you stuck on level 2, search your C: drive and see what files have been written since you accessed level 2 - one of those is the file that produces the login prompt - might be worth looking at it !
     
  20. Conkers's Avatar

    Conkers said:

    Default

    nah... I'm dumb as f**k !

    Using explorer in win2000 to search my C drive on files modified turns up nowt ! But I'm not giving in............. yet !! :