Basic web hacking 12 :: include me in
by Arxleol on Saturday 21.11.2009, under hellboundhackers.org, tutorial
Challenge number 12 will be easy if you have read the resource about the null poison byte that I offered in that tutorial. If you haven't, you might have some problems.
The introduction is very brief:
Find the password for the protected folder and then access it!
Protected Folder
But if you check the URL http://www.hellboundhackers.org/challenges/basic12/index.php?page=challenges.php, you may notice that index.php in fact includes a page named challenges.php. Since we know that we need to access the protected folder, we must figure out which file we need to include. If you do some research on the subject, you will probably find out that the data used to protect folders is usually stored in a .htaccess file.
So we have to figure out the URL that will include this file and, probably, show us its content. Since the file is in the protected folder, we must adjust the path for that. The URL that includes the .htaccess file is as follows:
http://www.hellboundhackers.org/challenges/basic12/index.php?page=protected/.htaccess
Now you will obtain this output:
AuthType Basic
AuthName "Restricted Area"
AuthUserFile ".htpasswd"
require valid-user
It is obvious that we have to include the file named .htpasswd. After entering the following URL in the box:
http://www.hellboundhackers.org/challenges/basic12/index.php?page=protected/.htpasswd
We obtain this output:
user:1Gwn39lwmRu9U
This is in fact our hashed password. Now we know that the username is user, while the password hash should be cracked with John the Ripper.
The cracked password is:
umbrella
So after you enter user and umbrella, you will be able to see the content of the protected folder and the link to the 13th mission.
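The root cause is that index.php passes the page parameter to the filesystem unchecked. The sketch below is an added example, not the challenge's real source: it shows that pattern next to an allowlisted include, and the pages directory, the page names and the function resolve_page() are all assumptions.

```php
<?php
// Added example; directory layout, page names and resolve_page() are assumed.

// Vulnerable pattern the URLs above imply: the parameter goes straight to the
// filesystem, so "protected/.htpasswd" is read from disk and echoed back.
// Apache's rule that denies HTTP requests for .ht* files does not help here,
// because PHP opens the file directly instead of requesting it over HTTP.
//
//     include $_GET['page'];

const PAGES_DIR = __DIR__ . '/pages';

// Allowlist: public page key => file under PAGES_DIR.
const PAGES = [
    'challenges' => 'challenges.php',
    'about'      => 'about.php',
];

function resolve_page($requested): ?string
{
    // Reject arrays (?page[]=x), missing values and keys not on the allowlist.
    if (!is_string($requested) || !array_key_exists($requested, PAGES)) {
        return null;
    }
    // Defence in depth: the resolved file must exist and stay inside PAGES_DIR,
    // even if an allowlist entry is later edited to contain "../" or a symlink.
    $base = realpath(PAGES_DIR);
    $path = realpath(PAGES_DIR . '/' . PAGES[$requested]);
    if ($base === false || $path === false) {
        return null;
    }
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

$page = resolve_page($_GET['page'] ?? null);
if ($page === null) {
    http_response_code(404);
    exit('Page not found');
}
include $page;
```

With this in place, ?page=challenges still renders the page, while ?page=protected/.htaccess and ?page=protected/.htpasswd return 404 because neither string is a key in the allowlist.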
Friday 04.12.2009 on 17:12
Amazing as always