Ok I have been working to solve the different levels at www.hackthissite.org when my computer freezes up???? Well I restart and go back to the site to find out that it was defaced by a disgruntled hacker lol. Hopefully he didn't place any evil code.
Printable View
Ok I have been working to solve the different levels at www.hackthissite.org when my computer freezes up???? Well I restart and go back to the site to find out that it was defaced by a disgruntled hacker lol. Hopefully he didn't place any evil code.
Me thinks that someone took the URL a lil to seriously, they weren't meant to have the webpage, but the little missions..
The dude that did this must be Angry for some reason, and i'd rather not know.
Wonder when they are gonna be back up?
I wanna finish the missions, as i was so so so close to completing level 5..
cheers
Lfrog
Level 5 on which section? as I was on Level 5 in the basic when this happened. I have completed through level 7 in the realistic missions and through app 8 or 9 in the Application missions.
Seems like the boys at hackthissite are really on the ball as they have already started fixing the site
you know there's is an edit button, i see that you are new so just letting you know ;)
hack this site is a great site, but one of the challenges is to HACK that site, so perhaps it was just that.
on the other hand, the site has been down for server movement, they are getting a new server, so perhaps this was the problem.
don't know for sure.
if anyone is having problems solving the challenges after anything else fails, let me know, perhaps i can give a hint...
my username at hackthissite.org is "gl1mm3rm4n"
grtz
Ah they arn't moving server, and what happened is that a ex member chucked a wobbly.
so there you have it folks.Quote:
An injury to one is an injury to all(again) posted on Tue 04.13.04 by xec96
--------------------------------------------------------------------------------
The site went down for a day or so. In the past month, a staff member(Mele2511 / Lisa) has deleted the IRC server, removed all FTP accounts, threatened to destroy the site, etc. The staff was lenient at first in light of her good work for the community, and has voted to temporary suspend her account for a month and reconvene later to see whether her attitude towards the project has changed for the better. A month later, many were still suspect of her attitudes and ambitions, and it looked as if she was not going to be returning to staff.
In childish bitterness, she thought that if she can't return to staff, she may as well take the site down with her. Using access that had been trusted with her, she proceeded to delete all of the files, destroy the database, and leave a poorly written nonsensical statement that appears to have been written by a 14 year old. Her actions did not target the people that were against her position on staff, but instead it targetted the community. Everyone suffered from her actions. There's no honor in what she did. She proved to everyone that she was everything bad that all the developers warned about.
If you want to talk to this crazy bitch firsthand, talk to her on AIM at Mele2511 or at 80.6.179.136 .
Now we've been trashed several times before, and we have the uncanny ability to bounce back every single time. However, much was lost this time around, including the development. Everything has been rolled back by about a week or so.
Sadly, all the zine orders were trashed with this last incident. If you have pre-ordered a copy of the zine, you will have to wait a day or so until we get the order scripts back and then you will have to resubmit your request. We'll post news about it later.
A lot of good stuff happened as well, but we will have to wait until a later news post cause these issues need to be resolved first. We'll post more details later. Check out a meeting log here. More coming soon...
cheers
f2b
wtf does that mean? ;)Quote:
what happened is that a ex member chucked a wobbly.
I should spend some more time on hackthissite.org , I just took the effort to actually run an md5 cracker. :) My username is el_half .
Damn, lepricaun you're good. I suck at the application levels. Didn't try anything but 1 and 2 but I know I just suck at it lol
it's not that hard, just spend enough time :)Quote:
Damn, lepricaun you're good. I suck at the application levels. Didn't try anything but 1 and 2 but I know I just suck at it lol
although this isn't the first site i joined,
i've started with www.hdcwargame.com , www.try2hack.nl, www.net-force.nl and after these, i've started with hackthissite..
so i had a nice start :P
i'm surprised to here that another staff member has gone bad, a couple of months ago there was another too.... :(
don't know why they do it, but i think it s*cks!
Yeah, it's pretty strange...indeed it sucks.
Any other antionline members active on hackthissite?
hey el-half, i've been checking your site ,and i see that you know a hell of a lot more about assembly then me, so why do you suck at the apps???
Yeah i've been a active member to hackthissite.org for a few months now, completed a few levels on the Realistic Missions, Completed all levels on the Basic missions.
Plus i've beaten a few of the Apllication Missions as well.
F2B
Yeah, I completed all basic missions and 1,2,3,4,5,7 from the realistic ones and 1 from the app's.
lepricaun, why do you think I am that good at assembly?
Ok, I can write it pretty well, but I mostly suck at reverse engineering programs.
Every idiot can do Application 1 but I've not succeeded at Application 2, I know it establishes a connection with hackthissite.org (I also know which url) but I wouldn't know how to get the password. (And when I sniff traffic with windump or ethereal I don't capture outbound packets, is that obvious?)
EDIT: It seems I can capture those packets anyway, nothing useful in it though.
Is the password encrypted when sent?
EDIT2: oops, I was looking way too far, solved it.
i can only read a little assembly ( this also goes for other languages) but i haven't taken the time to learn and write it yet...
as for app2:
just open it with a hex-editor and scroll down to 00165EF0, here a part of a url is located: GET /..../..../..../
when you use this url on www.hackthissite.org/.../.../.../ like that, you have the password.
app3 is possible with a sniffer...
(app2 is also possible with a sniffer, here you can get the url as above)
have fun with it...
Hey lep on try2hack.nl on level 2 how do you open the level2.swf into Notepad?
I've tried a few tricks but nothing works got a hint for me??
f2b
Yeah, just finished app2.
Can you help me a bit with app3?
I found this url to the php file (I think) that checks the password. When I surf to it and give the variable key no value simply 'false' appears.
So I thought I'd try something...I changed the first false to true (and a space), now the program just keeps on 'reading data...', so that is obviously not correct.
Using a sniffer gave no useful text.
EDIT: So, you say you can only read some assembly...does that mean you never have to reverse engineer any of those applications???
How would you solve that application where you have to click the button then??
/me is confused
.:front2back:. ??? lmao, and you have completed all basic web hacking missions on hackthissite? right
Open it in Internet Explorer and after that go to your Temporary Internet Files and look for the flash file, just open it with notepad (the password and username are in plain text in it)
Damn i knew there was something that i had over looked, cheers el-half.
i feel like an idiot now
lol,
That makes 2 of us ;) :DQuote:
i feel like an idiot now
EDIT: crap, I'm stuck in both app3 and 4. I've changed the hell out of app4 and it kept on working. Yet it did exactly what it did before :(
Damn i'm up ta level 5 and i'm looking fine..
Oh now it's just getting to easy. :D .Quote:
To pass this level, download this Visual Basic 3.0 program and enter the correct username/password to proceed to the next level.
Mind you after drinking a 3 mugs of Coffee and a huge slice of Mud Cake, i'm suddenly feeling alive :D
f2b
:) You have to know I have never succeeded at passing the level with the java applet (level 3 I think), I must be really overlooking something. (It's been a while too since I've been there but I don't think I'd find it now).
app3: i believe i've used a sniffer for this one, and when you send the request to the site, you get a false back, but also the true s/n i believe..
can't check it now, cause i'm at work and a sniffer doesn't work on this networkcard :(
app4: get a hold of the proggie api spy....
have fun..
o and b.t.w. there are some app's that need reverse engineering, but only changing the JNZ to JE and that kind of stuff, so it's pretty easy....
Hmm, I don't get how that proggie should help. But I have the feeling I am overlooking something in the way it might be useful.
EDIT: I need help on level 4 of try2hack.nl , I decompiled the class file, I just don't get where I would find the password, this code is very confusing.
It reads something but how??? inURL is null????
hey el-half did you want the user name and pass word?
if "yes" Then check the next post
If not then don't view it..
i'll make it hidden for yah
cheers F2b
Level 4 code
appletking <---username
pieceofcake <----password
cheers
f2b
I rather like to know how to get it.
don't bother for the class file in level 4, just check your temp inet files for more files ( a .txt file)
it will be there in plain text...
? Level 5 ?
The password and username are in plain text in the visual basic executable.
Yet it when I enter them it says incorrect password and/or password ??
that is a boobytrap in the executable....
i've searched the hell out for a vb3 decompiler, but haven't found it yet...
perhaps it is possible to decompile it with vb reformer, smartcheck or ollydbg, just search for those tools....
Decompile? I have ollydbg, it's not a decompiler, it dissassembles the code...which can be pretty hard to understand. I find ollydbg the best free debugger/disassembler available for Windows.
EDIT: crap, ollydbg can't open vb executables. I'll have to use Win32dasm then...
EDIT2: disassembled it with w32dasm, it's short, only 689 lines (with comments). Short enough for me to be able to try and make sense of it
sorry, i meant dissasemble...
but yes i've found out too that with a hex-editor and w32dasm you can crack it....
b.t.w. ( i already know the password, and beaten lvl6, 7, and 8 too, but this was the only one i hadn't solved myself yet, so i'll go and strip the app....
hey el-half got a link for that Win32dasm
Or should i just use my uber powers and do a google search??
f2B
This seems to be a link: http://www.downseek.com/download/21279.asp
I don't know anymore where I got mine.
front2back, you need a hex-editor too because you can't edit files with w32dasm (my version).
I suggest hiew because with that you can view the disassembled version of an executable and you can modify it without actually having to assemble it again with an other assemler (because the hex is directly edited)
Thanks for the el-half, i thought that level 5 would be a breeze, but after realising that my Decompiler wouldn't decompile it i went on a witch hunt for a decompiler, but everyone that i've downloaded so far are just as S**t as the other ones.
And i scored a hex-editor from a friend.
cheers
f2b
my personal favorite hex-editor is ultra-edit....
but some others will do too :)
let me know if you got through level5, and b.t.w. just do a search on "level5.exe" on google, you'll come up with some interesting thing....
level5 sucks :(. I downloaded win32dasm from that link, but when I open up level5.exe, all I get are a bunch of symbols. Is there something I'm missing? Even if it did work, it would be in assembly right? I don't think I can read assembly, lol.
/me is surprised he even got to level5
edit
it's amazing what the help files do. I just needed to change the font and I get correct textual output. Now if I just knew assembly.
/me tries to read the code
edit2
I finally got it. I had to get some decompiler for vb3 off of someone. Then I had to decode some trash, the user and pass didn't even work that I decoded, but the url I decoded worked for level6, so who cares :). If you need any help pm me. Seems as though level6 is about the same with a vb6 prog though :(. We'll see how it goes.
edit3
Any tips for level8? I'm stumped.
http://cs.smith.edu/~thiebaut/ArtOfA.../artofasm.html
Lol, yeah, I had to change fonts too when I used win32dasm for the first time...
Screw me for failing at completely understanding the disassembled program.
/me pm's for help :)
I'm stuck at level 5 changed the font can't understand it still x.x most I can find is the invalid password message.
seems as though you need to decompile for level5 and not disassemble. I have the tool that seems to be the only one that will work. So if you want it pm me. Once you get it decompiled you're still only about half way there, you have to do some stuff to figure out the user and pass. I hate levels where you have to download obscure apps to do them. Good luck.