javascript mainly....
but i do have troubles with other codes.
Printable View
javascript mainly....
but i do have troubles with other codes.
Another challenge for me.
Quote:
Are you referring to actually programming in JS or are you asking in reference to one of the first few challenges that is presented at www.hulla-balloo.com? If you are asking in reference to the challenge, then the answer to that question was given earlier in this thread, I believe. If you are asking in reference to general programming, then here is what I did for you. I just did a quick search for "javascript tutorials" on Google and came back with these results:
http://www.google.com/search?hl=en&i...t+tutorials%22
That was quick and dirty, but there are literally thousands of websites where you can find code examples, tutorials, etc. to help with your programming education. I have a decent collection of some bookmarks that I've gathered over the years that have helped me learn all kinds of things, and I've probably got a few you might be interested in - if so, just shoot me a PM.
Haha, I didn't use any telnet, I hacked with Proxomitron. :) However I didn't pass level 5 either. About the other game, JavaScript linkColor, its the defined in the html <body tag, linkcolor="00000" or something. Take the part inside the quotes.
I entered this:
telnet www.hulla-balloo.com 80
GET /hack/level5/level5.php HTTP/1.1
Host: www.hulla-balloo.com
Referer: http://www.hulla-balloo.com/hack/level5/index.php
To: [email protected]
and received a reply that the password email had been sent. Urhm.....but I never got it. I'm so freakin' close I feel a little frustrated.
Any ideas on what I'm screwing up? :(
Your on the right track, but a hint: "To" will not work on a line all by itself.
Wait a minute.....are you saying that I should put the email address I got from the previous level's password remimder as a From: ??? Or that simply putting To: [email protected] is written wrong?
Jeeze, I've even got a book on Web Hacking and it has nothing about telnetting in it!
*throws book across the room* :mad:
hi all,Quote:
Originally posted here by AlcatraX
hi everybody,
i`m stuck on level 5. i tried to telnet the site on port 80 but it says -"could not connect to host on port 80".
is there any other alternative way to get past level 5.
what should i do next?
if something is to be done in javascript/vbscript just give me a brief hint as i`m new to javascript and learning these days.
i little light in right direction will be of great help.
can u people help me try out of level 5.
i tried to telnet but failed.
i think i`m behind a firewall, whose settings i cannot change.
so, if anyone can suggest another option.
Hey:
I've been doing these games for a while, but:
I'm having telnet probs with level5. FOr some reason, no matter what I do, I can't get the files. BTW, with hackerslab.org... I can't connect on to the drill serv with any other port that isn't 80. Peeps told me to use 23, but not even that one works.
Oh, another thing. I'm interested in the mechanics of level 5: What exactly did that "Sam" guy do to secure the file better?
It tells me the password is sent successfully, but i really do not get anything
Suggestion or clues pls..
Thanks before hand
telnet www.hulla-balloo.com 80
GET /hack/level5/level5.php HTTP/1.1
Host:www.hulla-balloo.com
Referer:http://www.hulla-balloo.com/hack/level5/index.php
From:[email protected]
GET /hack/level5/level5.php?to:[email protected] HTTP/1.1
I must be a blooming idiot, I can't get level 1 password. Sheeese, I need to go back to bed...
Its been posted and its in the source code... and in case you're not joking like I think you are.... right click (or go to view -> source) -> view source -> scroll down and look for password
I was thinking of posting the solution, but instead I'm going to give a few more hints....
Many of you are doing everything right, except on the first line....
you must make the server think the form came from www.hulla-balloo.com/hack/level5/index.php and you must make it through a GET request instead of a POST one.
So, the first line you input on telnet would be GET .......... HTTP/1.1
and the third line: Referer: http://www.hulla-balloo.com/hack/level5/index.php
With this you already made it process the form as a GET request and make it think it has came from www.hulla-balloo.com/hack/level5/index.php
So, if the protection from the referer is gone, and if it is being passed has a get request....
Hummmm, it sounds a lot like level4 isn't it?!
I can't give anyhints without posting the full answer, any doubts PM me....
why is this thread gone dead?no post has been made in this for so long.
should i think the people here r lacking grey cells or have lost the attitude needed for being a h***er.
the very first line from the defn of h***er says the "a hardcore computer geek who shares his knowledge with others"
so pls u all, atleast u newbies, don`t let this tread down its a challenge for all of us and challenges r always hard to crack.
this thread should move on b`cos "one should not divert from one`s chosen path halfway".
so wake up u all wannabe geeks...we haven`t reached our destination as yet it is yet very much far away.
--- Level 5 is the current challenge. Any one gone through it without using telnet.
Cool site! I wonder how come there are so many types of these sites though...
Hum, actually I did get past level 5, to level 8 which is supposed to be some SSI exploit as I read here, I just made a mistake while writing my previous message in hurry... I was (am) in a web cafe at Gran Canaria and the counter let me know that I had only 3 minutes of time left. ;) Anyway, I got to level 8 with Proxomitron only, no need for dirty telnetting. :) You should try it too...
I could not get the Telnet to work on level5,
But I found that
"netcat is your friend."
Got to 9. This is a riddle of some sort.
hi 3r2,Quote:
"netcat is your friend."
really don`t understand what does that mean. tell me how u got this message whithout using telnet
Ok. I am very pathetic. I have absolutly no idea what to do. And please, someone actually talk to me, not just tell me to go to another tutorial.....
nvm.....i got it.....
well after level 5 its pretty simple ..... level 8 has some bug so the password is given
but the catch here is that level 8 does not make much of a sense to me...humph
but well i guess i need to do a bit of thinking on this..
sorry bout that i guess its level 7 that has soem kind of bug not level 8
i dont really have much to say as i've already said this site is great and fun in this thread but i just wanted to get the 100th post...this site is great though...fun deal
Cacophinix, why didn't you just edit your last comment, before you posted it, to say level 7 instead of apologizing for saying level 8?
actually i posted the earlier post , and then i saw the blunder that i did---
so i posted another to correct that but it was clubbed with the earlier post
so basically it was to different post-- but just got clubbed -- i dunno how it works
--------------
another thing, anybody with clue for level 8 will be appreciated...
man look at the typos ---
"so basically it was to different post-- but just got clubbed -- i dunno how it works"
"so basically it was two different post-- but just got clubbed -- i dunno how it works"
its 5:19 in the morning and i have been working all night , so i guess it just means that i need to get some sleep before i commit another silly freaking blunder
It's alright. I was just wondering.
Ok Slick Pm me with your question and I will see if I can answer it. I am not sure which one you are on but I will see.
Whizkid2300
hi all,
i`m stuck up in level 5, tried telnet but it is not working as i`m behind firewall whose settings i cannot change.
so, if anyone there, is having any other way (possibly in javascript) to get through lvl 5, then pls notify me.
I found some hints
Could someone give me a hint for level 3, thanks and sorry Im a newbie but trying to learn.
Well i believe a hint has been given a couple times before so i would suggest searching first but i will try and help.
Sam uploaded the password but he must have placed it in the wrong level. look at the error messages and try playing around with the url. if you have anymore questions or need a little help feel free to pm me.
PeacE
-BoB
hey higher talshiar,
great man.....
hints r very good as they provide not too little not too much about a particular level.
-AlcatraX
for level 8-- i wonder what that list of file names that i get when i run an 'ls' cmd
Evenin' folks. Ive just started to have a stab at the hacking exercise, I've got to Level 5 and need to learn about how to use Telnet. Can anyone recommend a good tutorial for how to use it please ? I'm using XP Pro as my O/S, dunno if that makes any difference.
Cheers peeps !
go through RFC 2616 and i suggest download Putty as well-- if you go through the thread you will probably find some link to down load it , coz i really dunno where i got mine from but trust GOOGLE and it will show you the light
So telnet's cool and all, and you really should understand HTTP at a fairly deep level, but questions 5-11 and be solved using much more user-friendly tools. I'm referring, of course, to wget and/or curl. Both are command-line clients for ftp and http what give you more control than GUI browsers, and are much less fuss than telnetting. Of the two, I recommend curl. It comes with most BSD/Linux variants, and can be got from http://curl.haxx.se/download.html.
Anyhoo, man curl will give you all you really need, but some useful options are:
"curl -D filename" will dump the server's HTTP headers to the specified file
"curl -b cookiename=cookieval" will send a cookie to the server.
"curl -a browserString" will send the broswerString to the server (so you can claim you're, say, IE)
"curl -d paramname=paramval" will send a CGI parameter via HTTP POST
"curl -e url" will tell the server that you came from the specified URL
A further note, for those of you trying to learn about HTTP, I do not recommend that you read the HTTP 1.1 spec. Modern browsers and servers use HTTP 1.1, but the spec is far more complicated than HTTP 1.0. Reading the 1.0 spec will give you a good grounding in the core principles of how web applicatioins work. You can read the HTTP 1.0 spec at http://www.faqs.org/rfcs/rfc1945.html
Enjoy,
j3r (working on Level 12)
Thanks for the info j3r, however I have a question on level 5..
I used telnet and I think completed it (it said password sent) but I never recieved the email,
And I think that hotmail just isn't in the mood for accepting passwords from the site, but im not sure.
can ne one help me with level 3? I'm stuck here so I'm guessing they only get harder. ANy advice on the next levels would be appreciated. Thnx. PS, is there a tutorial or hint pg or nething of the kind of hackerslab.org ? Thnx again
Jehryn:
If you used telnet/curl/wget for #5, and it says it sent the password, than you solved the tricky part of the problem. (You've defeated the "security mechanism".) First of all, make sure that it's sending the password to the right place. If you got the password to #4, you should be able to get the password for #5. Try using telnet/curl/wget/fping(masochists only!)/whatever (anything that's not saving and editing the HTML, then loading it into a browser) to solve #4, that will reduce the number of variables down to one.
You can PM me if you're really stumped.
dantesheaven:
Someone else posted a link to this site, which has hints for every level. However, if you're stuck on #3 you probably won't learn anything by going through the higher levels. (Either that of you just have a mental block.) It sounds like you might be best served by playing with web server administration and reading up on HTTP.
i still have a hard time believing i started this huge thread
i think you should be proud of yourself. there is 12 pages worth of replies :D
WHAT A SITE " need to know the password"