Legal hacking (walkthrough:))

[sixf00t4]

lets all work together, when you beat a level JUST POST HOW YOU DID IT!!! not the answers!!!


LEVEL 1: view the source of the document, in IE, to to view, then view source. search the top of the code and it will tell you the password.

LEVEL 2: open notepad, and open the url for the flash file. http://www.try2hack.nl/levels/level2.swf just copy and paste that into notepade to open it. you will then see a whole bunch of garbage, but the U/P are in there.

LEVEL 3: there is a line at the top that says <script src="JavaScript"></script>
if you put JavaScript into the url. http://www.try2hack.nl/levels/JavaScript you get the user and password and you see the password= and correct site and wrong site = stuff that the script on the lvl 3 page was pulling the info from.

LEVEL 4: get a java decompiler and openned the .class file in it, somewhere in there it will says "level4" well that is a file. http://www.try2hack.nl/levels/level4 if you view the source on that page it will tell you everything. BobOmega (with blazer's help i think) is a 1337 H4x0r

LEVEL 5: I quit

[Computer]

I am not following you for number 2 what do you mean by open the url. and how did you get the page with the uname a pass to come up without surrounding things?

[sixf00t4]

you aren't supposed to click on that link. .swf are flash files that can be viewed in browsers. if you look at the level2 source it you can see that the swf file is called level2.swf and is in the same directory. that is how you know what it is and where it is. so now you need to open that file in notepad to 'read' its contents

[BobOmega]

lvl 3 requires a little bit of javascrpt know how. try looking at the lvl 3 page where it says "If you don't get a javascript prompt to enter the password, it means your browser doesn't support JavaScript." everything you need is on there.
i used opera to get there. it pops the no java page before it goes to disney i just hit back. if you want how to do it pm me. i dont know if i should post it.

[Blazer06]

level 4 - *ahem* temp file *ahem*

level 5 - don't know yet. download dodi (do search on google). Open the exe in it, and then read the bas files. Convert the numbers to letters using the string in the exe when opend in notepad.


Blaze

[BobOmega]

what temp file for 4? either that or i cannot read at all.

edit nevermind. i'm dumb

[sixf00t4]

i dont get it, it is the same page. there is nothing on the page or in the source that works password and url wise.

[BobOmega]

well the password itself isn't on that page. where to find it is however said. thats why you need to know how the script works. its getting the user and password from somewhere else...

also after 4 is where i start to quit. i dont want to deal with VB files.

[Martoch]

Quote:

Originally posted by BobOmega
lvl 3 requires a little bit of javascrpt know how. try looking at the lvl 3 page where it says "If you don't get a javascript prompt to enter the password, it means your browser doesn't support JavaScript." everything you need is on there.

I'm viewing that info in Notepad, hopefully it's all there...so far I've been to disneyland and I've gotten the "it isn't that easy" phony URL. I don't see what I'm missing, but then again I'm not so sure what I'm looking for. I like how the source looks like it's giving away the answers, but doesn't give away the answers (as far as I can tell anyway).

Quote:

pwd = prompt("Please enter the password for level 3:","");
if (pwd==PASSWORD){
alert("Allright!\nEntering Level 4 ...");
location.href = CORRECTSITE;
}
else {
alert("WRONG!\nBack to disneyland !!!");
location.href = WRONGSITE;
}
PASSWORD="AbCdE";
CORRECTSITE="level4-sfvfxc.xhtml";
WRONGSITE="http://www.disney.com";

[originel]

well, like it's been said before, PASSWORD, CORRECTSITE, and WRONGSITE are being stored in another file. so you just need to find the file.

my recommendation is to read through and determine exactly what each line of code does, because what you're looking for could very easily be mistaken for something else.

EDIT: about level 5.

i'm still working on this one, but here is my feeling. i've found a decoy user/pass by going through multiple paths.

also i used dodi and have concluded that the answer is NOT in the make or main files, so it's in the form file. the problem is i can't get an ascii version of the form, so i can't do anything with it (since ms stopped using binary frm files w/ VB4). so if i can find a copy of VB3 i think i can get it. or find a way to convert it (maybe fake frms2txt to think that vb6 is actually vb3, but i don't think that will work).

my current theory is that they are using an algorithm to store the user and pass cause it isn't stored directly anywhere, i went through the exe with a hex editor and the only ascii values are either random commands or the decoy stuff.