Lil help with level 4? The others were pretty much a breeze... I decompiled level 4, but not knowing Java I cant make much out of it... any hints?

Kind a stuck in level 4 help plzzz!

___________________
TranceAddict Med-ik

What in gods name do you do for level 3?

___________________
[img]http://members.shaw.ca/magimaster/xxlkubosan300-60.gif[img]
edit sig- image too large please resize

mwahahaha, stupid me, i hacked level 4, i'm a 5|_||04|-| 1337 |-|4x0r !!!!!


i'm off to hack level 5 and then microsoft!!!

here's 2 hints for ya'll for level 4:

since the applet doesn't contact the server, it stores the password on your computer.


and if you still have no clue:


public void init()
{
setLayout(null);
setSize(361, 191);
add(txtlogin);
txtlogin.setBounds(156, 72, 132, 24);
label1.setText("Please Enter Login Name & Password");
label1.setAlignment(1);
add(label1);
label1.setFont(new Font("Dialog", 1, 12));
label1.setBounds(41, 36, 280, 24);
label2.setText("Login");
add(label2);
label2.setFont(new Font("Dialog", 1, 12));
label2.setBounds(75, 72, 36, 24);
label3.setText("Password");
add(label3);
add(txtpass);
txtpass.setEchoChar('*');
txtpass.setBounds(156, 108, 132, 24);
lblstatus.setAlignment(1);
label3.setFont(new Font("Dialog", 1, 12));
label3.setBounds(75, 108, 57, 21);
add(lblstatus);
lblstatus.setFont(new Font("Dialog", 1, 12));
lblstatus.setBounds(14, 132, 344, 24);
ButOk.setLabel("OK");
add(ButOk);
ButOk.setFont(new Font("Dialog", 1, 12));
ButOk.setBounds(105, 156, 59, 23);
ButReset.setLabel("Reset");
add(ButReset);
ButReset.setFont(new Font("Dialog", 1, 12));
ButReset.setBounds(204, 156, 59, 23);
lbltitle.setAlignment(1);
add(lbltitle);
lbltitle.setFont(new Font("Dialog", 1, 12));
lbltitle.setBounds(12, 14, 336, 24);
String s = getParameter("title");
lbltitle.setText(s);
ButOk.addActionListener(this);
ButReset.addActionListener(this);
infile = new String("level4");
try
{
inURL = new URL(getCodeBase(), infile);
}
catch(MalformedURLException _ex)
{
getAppletContext().showStatus("Bad Counter URL:" + inURL);
}
inFile();
}

___________________

quote:

Originally posted by Dmatrox i used DoDi's Visual Basic Tools to decompile the exe, but i have no understanding in VB code, so i cant figure it out

it's easy

here's where your real login is

If txtUsername <> Mid(mc001A, 56, 1) & Mid(mc001A, 28, 1)
& Mid(mc001A, 35, 1) & Mid(mc001A, 3, 1) & Mid(mc001A, 44, 1)
& Mid(mc001A, 11, 1) & Mid(mc001A, 13, 1) & Mid(mc001A, 21, 1)


here's where your real password is

If txtPassword <> Mid(mc001A, 51, 1) & Mid(mc001A, 31, 1)
& Mid(mc001A, 30, 1) & Mid(mc001A, 51, 1) & Mid(mc001A, 16, 1)
& Mid(mc001A, 45, 1) & Mid(mc001A, 24, 1) & Mid(mc001A, 29, 1)
& Mid(mc001A, 26, 1) & Mid(mc001A, 19, 1) & Mid(mc001A, 28, 1)
& Mid(mc001A, 11, 1) & Mid(mc001A, 30, 1) & Mid(mc001A, 19, 1)
& Mid(mc001A, 25, 1) & Mid(mc001A, 24, 1)

here's the hash source which is used for encryption

Const mc001A =
"0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ.,:;-*+=~|&a
mp;!_$#@()[]{}<\/>"



i stuck on level 6

___________________

almost done with level 6
bwuahahaha!

___________________

Last edited by Noisician on Aug-24-2002 at 13:33

quote:

Originally posted by Acid Junkie it's easy

*TiestoInTheMix bangs his head on the wall and on the keyboard...


it took me 30 minutes to go through the files and realize they don't contain any hint of a pasword at all (i guessed the username though).

it took me 1 hour to find a decompiler.

it took me 30 minutes to realize that the damn thing won't work and even if it did, i would be reading something that'd look like chinese to me.

thanks to acid junkie i got the password...

i am currently on level 6... thank god i browsed the usenet before and found out that you can't decompile vb5 and vb6 at all... otherwise i would have spent the whole night doing it...

and the goddamn level 6 proggie DOES connect to the internet, thus it must mean it retrieves the password from the server and therefore

*TiestoInTheMix bows his head and gives up...

*TiestoInTheMix will never be a hacker (well, as long as these damn vb3 decompilers don't work!!!)

___________________

yay!
ababa aabaa baabb aabaa ababa baaab aabaa baabb aabaa abbaa
stands for the url of the next level!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

it's http://www.try2hack.nl/levelseven.html


and that's where i'm giving up. i have no idea how to overcome the script...



acid junkie looks under his bed, pulls out his old books on perl scripting, wipes off the dust, and starts to read to find anything useful...

___________________

Last edited by Noisician on Aug-23-2002 at 03:41

quote:

Originally posted by TiestoInTheMix and the goddamn level 6 proggie DOES connect to the internet, thus it must mean it retrieves the password from the server and therefore

that's the whole point! the trick is that u can leech whatever the program sends and when u do it u'l find encrypted username/password/urlofthenexlevel

___________________

quote:

Originally posted by Acid Junkie that's the whole point! the trick is that u can leech whatever the program sends and when u do it u'l find encrypted username/password/urlofthenexlevel

i know and that's the problem, i don't know how to do it. i tried setting the proxy to 127.0.0.1 which is probably stupid, but that's all i could come up with

___________________

hm proxy? no. a firewall that can log all traffic in *both* directions could help u better than a proxy cause u need to look through the outgoing traffic, not the ingoing. a firewall or a sniffer for tcp/ip protocol such as NetworkActiv Sniffer 1.4.2.1.

___________________

quote:

Originally posted by Acid Junkie hm proxy? no. a firewall that can log all traffic in *both* directions could help u better than a proxy cause u need to look through the outgoing traffic, not the ingoing. a firewall or a sniffer for tcp/ip protocol such as NetworkActiv Sniffer 1.4.2.1.

aha! that's exactly what i was searching for on the usenet, too bad the damn archives didn't have anything...

thanks for the proggie,man, it's very useful!

and now i'm off to decipher that... omg, it looks scary...

___________________

Last edited by whiskers on Aug-23-2002 at 04:40