Created
August 28, 2012 02:46
-
-
Save evandrix/3494475 to your computer and use it in GitHub Desktop.
Hax.Tor
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Level 1. Make a nasa.gov URL display a text of My Choice | |
| Level 2. debfKNH1AvtBo deGH9Aq./kiSY denjFRfA8kzL2 | |
| Level 3. Recognize | |
| Level 4. IP address is 72.14.221.104. What contains artvЂ â € ™ That Points to IT? | |
| Level 5. Password is the owlvЂ ™ s Name | |
| Level 6. LetvЂ ™ s See you do some Easy SQL ninjitsu | |
| Level 7. snifflog.txt â € "ngrep format | |
| Level 8. Password is on a Picture: not available from Anywhere | |
| Level 9. Elementary Maths | |
| Level 10. A poem | |
| Level 11. As simple as a string hashing | |
| Level 12. Turing Ultra | |
| Level 13. PHP with source â € "Exploiting Needs and / or OOTB Thinking | |
| Level 14. Recognize # 2 | |
| Level 15. download.comvЂ ™ s Uptime | |
| Level 16. root: hsmfs; g@10.0.0.5 | |
| Level 17. Feed me! | |
| Level 18. Find All usernames | |
| Level 19. Red + Blue + green =? | |
| Level 20. Recognize # 3 | |
| Level 21. Backdoor on a suspended Domain | |
| Level 22. MS-Word | |
| Level 23. Too Easy | |
| Level 24. Defense Intelligence Agency | |
| Level 25. BitNinja | |
| Level 26. PHP filemanager with source â € "Needs More exploit | |
| Level 27. The photo doesnvЂ ™ t load | |
| Level 28. telnet :/ / hax.tor.hu: 1800 â € "Google Word Game | |
| Level 29. Circumvent PHP XSS Filters for | |
| Level 30. Given Image create the number using a | |
| Level 31. Find All usernames v2.0 | |
| Level 32. Exploit file2image.php | |
| Level 33. Defense Information Systems Agency â € "209.22.99.66 | |
| Level 34. Password is in the Image | |
| Level 35. Follow the Pattern | |
| Level 36. Root Password needed | |
| Level 37. password = f (200) | |
| Level 38. Name the malware | |
| Level 39. China Science And Technology Network | |
| Level 40. I CAN Has Satellite? | |
| Level 41. Poem VS PHP | |
| Level 42. Criminal Minds FBI haxor Scene | |
| Level 43. CNNvЂ ™ s router | |
| Level 44. Blind SQL Injection | |
| Level 45. N Toads frogs | |
| Level 46. Seizure!!! | |
| Level 47. Backdoor is listening on host â € "Find IT | |
| Level 48. . Htaccess Editor VS Basic auth | |
| Level 49. Forged DNS from the CIA | |
| Level 50. No info |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Fifth and final mission to get a shell
Here we are given a password hash, and we need to decrypt it. I immediately threw it in blunt in John Ripper, but did not receive a response. Started to analyze this hash, and concluded that each even position this hash does not change the number of characters, subject to change and when they change. Began to substitute different characters, each time increasing the password length by one, and finally I found the coincidence of these items when the password in the 5 characters:
Original hash: 83,230 69,128 66,214 89 24 92 204
Hash my password 12345: 6230 5128 4214 24 March 2204
So each odd position means the code symbol. Began to study the table ASCII, UTF and other tables. Went through all occurrences of the table and did not work. Then I noticed that if you go in alphabetical order, then the code will increase by one or decrease. Then I started to do manually "dumb" password guessing, getting closer and closer to the password, I eventually got to the word «drunk«. Its hash fully answered the original hash and I missed the registration page
After registering, you will receive the access data to your account, allowing you to solve puzzles and further manage your free shell found