-
July 6th, 2003, 01:34 AM
#21
hey any of ya guys figure out how to get passed level 5 yet?
-
July 6th, 2003, 02:22 AM
#22
POST (not GET)
Acturally it is a POST request for level 5. I tried running Ethereal when I submitted with the default values, and the results should be attached. I went and converted it into ASCII and saved it in .txt, and zipped it.
Hopefully if you've ever played with HTTP servers in telnet or something you'll be able to make use of some of this information. And for everyone else, now you know what I'm running
-Tim_axe
-
July 6th, 2003, 07:32 AM
#23
hey tim_axe i thought about runnin ethereal but didnt think it'd help any cuz the password would never come my way so i couldnt really sniff it. I looked that the server-to-me text file and it said the password was sent...did u get the password? i noticed u didnt change the html page referrer..what did u do?
-
July 6th, 2003, 01:19 PM
#24
Junior Member
level 5
http://www.hulla-balloo.com/hack/level5/level5.php?to="rainbow_dragon_@hotmail.com",Referer:"http://www.hulla-balloo.com/hack/level5/index.php"
something like that should work but i know the part with referer has something wrong but i cant remember what is it referer = : ?
-
July 6th, 2003, 03:53 PM
#25
Thanks Tim_axe for pointing me in the right direction with the POST request. That obviously makes A LOT more sense then trying to GET the page. I should have used my brain and used Ethereal or similar to see what was going on. Anyways, I finally figured it out!
My tips for anyone still stuck on level 5, are:
1. Figure out how to use telnet to send URL requests
2. Figure out how the POST method works in terms of URL requests.
3. You DO have to spook the Referer and that's why you need telnet or similar.
If you are really stuck, PM me and I'll help you out some more.
Good luck all!
\"When you say best friends, it means friends forever\" Brand New
\"Best friends means I pulled the trigger
Best friends means you get what you deserve\" Taking Back Sunday
Visit alastairgrant.ca
-
July 6th, 2003, 04:35 PM
#26
To access the pages that require you to change hidden values, check out HTML Source. I believe there was a thread on it previously, but it will allow you to change form values while still on the page. While we're talking about this, if anyone has the level 8 to level 9 solution, or even a step in the right direction... I'm too lazy to sit and figure out what's wrong with the php and it doesn't seem to be anything to do with pipes.
-
July 6th, 2003, 05:47 PM
#27
Junior Member
-
July 6th, 2003, 05:58 PM
#28
I raced threw them all.. post me the level 5 question and I'll tell ya. .but my memory sucks
-
July 6th, 2003, 07:38 PM
#29
Junior Member
Im telnetting to port 80 to pass level5
here is what telnet gives me
Telnet log
GET /hack/level4/level4.php HTTP/1.1
Referer:http://www.hulla-balloo.com
To="myadress@mymailserver.com"
HTTP/1.1 400 Bad Request
Date: Sun, 06 Jul 2003 18:36:22 GMT
Server: Apache/1.3.20 Sun Cobalt (Unix) Chili!Soft-ASP/3.6.2 mod_ssl/2.8.4 OpenS
SL/0.9.6b PHP/4.1.2 mod_auth_pam_external/0.1 FrontPage/4.0.4.3 mod_perl/1.25
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1
13c
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>400 Bad Req
uest</TITLE>
</HEAD><BODY>
<H1>Bad Request</H1>
Your browser sent a request that th
is server could not understand.
Request header field is missing colon separato
r.
<PRE>
To="myadress@mymailserver.com"</PRE>
</BODY></HTML>
0
what am i doing wrong
-
July 6th, 2003, 07:38 PM
#30
Ey... What is this kind off big ass spoiler stuff? It's supposed to be a challange... People spend days weeks and I heard of even months trying to figure stuff like this out. If you did it on yer own you did something for real. If you just read this thread and got to level whatever with as good as zero knowledge, you're nothing more then just what some people would call "scriptkiddie". I forgot the thread about that.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|