July 24th, 2003, 08:07 PM
for level 8-- i wonder what that list of file names that i get when i run an 'ls' cmd
July 24th, 2003, 09:42 PM
Learning To Use Telnet !
Evenin' folks. Ive just started to have a stab at the hacking exercise, I've got to Level 5 and need to learn about how to use Telnet. Can anyone recommend a good tutorial for how to use it please ? I'm using XP Pro as my O/S, dunno if that makes any difference.
Cheers peeps !
July 24th, 2003, 09:54 PM
go through RFC 2616 and i suggest download Putty as well-- if you go through the thread you will probably find some link to down load it , coz i really dunno where i got mine from but trust GOOGLE and it will show you the light
July 24th, 2003, 10:48 PM
Level 5, telnetting, etc.
So telnet's cool and all, and you really should understand HTTP at a fairly deep level, but questions 5-11 and be solved using much more user-friendly tools. I'm referring, of course, to wget and/or curl. Both are command-line clients for ftp and http what give you more control than GUI browsers, and are much less fuss than telnetting. Of the two, I recommend curl. It comes with most BSD/Linux variants, and can be got from http://curl.haxx.se/download.html.
Anyhoo, man curl will give you all you really need, but some useful options are:
"curl -D filename" will dump the server's HTTP headers to the specified file
"curl -b cookiename=cookieval" will send a cookie to the server.
"curl -a browserString" will send the broswerString to the server (so you can claim you're, say, IE)
"curl -d paramname=paramval" will send a CGI parameter via HTTP POST
"curl -e url" will tell the server that you came from the specified URL
A further note, for those of you trying to learn about HTTP, I do not recommend that you read the HTTP 1.1 spec. Modern browsers and servers use HTTP 1.1, but the spec is far more complicated than HTTP 1.0. Reading the 1.0 spec will give you a good grounding in the core principles of how web applicatioins work. You can read the HTTP 1.0 spec at http://www.faqs.org/rfcs/rfc1945.html
j3r (working on Level 12)
July 27th, 2003, 02:51 AM
Thanks for the info j3r, however I have a question on level 5..
I used telnet and I think completed it (it said password sent) but I never recieved the email,
And I think that hotmail just isn't in the mood for accepting passwords from the site, but im not sure.
July 28th, 2003, 07:44 PM
can ne one help me with level 3? I'm stuck here so I'm guessing they only get harder. ANy advice on the next levels would be appreciated. Thnx. PS, is there a tutorial or hint pg or nething of the kind of hackerslab.org ? Thnx again
July 28th, 2003, 08:29 PM
If you used telnet/curl/wget for #5, and it says it sent the password, than you solved the tricky part of the problem. (You've defeated the "security mechanism".) First of all, make sure that it's sending the password to the right place. If you got the password to #4, you should be able to get the password for #5. Try using telnet/curl/wget/fping(masochists only!)/whatever (anything that's not saving and editing the HTML, then loading it into a browser) to solve #4, that will reduce the number of variables down to one.
You can PM me if you're really stumped.
Someone else posted a link to this site, which has hints for every level. However, if you're stuck on #3 you probably won't learn anything by going through the higher levels. (Either that of you just have a mental block.) It sounds like you might be best served by playing with web server administration and reading up on HTTP.
July 31st, 2003, 09:04 PM
i still have a hard time believing i started this huge thread
July 31st, 2003, 11:34 PM
i think you should be proud of yourself. there is 12 pages worth of replies
August 1st, 2003, 08:44 PM
WHAT A SITE " need to know the password"