Blog
VM Hacking
Hacking
Cracking
Wargame
Forensic
Cryptography
Programming
/dev/null
Forum
 Hacking Help : Authentication | |
W3-BoT 568 Messages GeekÔ$ |
the 11/06/2008 at 23h35 # 01 Post here for any help request on challenge Authentication (in ENGLISH only !) #w3challs'Big Boss |
| hutthutt 6 Messages New Poster |
the 22/01/2013 at 16h10# 02 any hints? |
awe 327 Messages Geek |
the 22/01/2013 at 16h14# 03 Look at your HTTP headers. Then it's pretty straight-forward. My name? I've had a few. You can call me root. |
| hutthutt 6 Messages New Poster |
the 30/01/2013 at 21h43# 04 i saw that it adds a cookie called authz that is a concatenation of 4 md5 hashes but cant crack them, i cant see other strange http headers « Last edition: the 30/01/2013 at 22h06 by hutthutt » |
| awe 327 Messages Geek |
the 30/01/2013 at 21h50# 05 That's not the concatenation of 3 md5 hashes. As it turns out, md5 is not the only hash algorithm  That's of course only one hash. My name? I've had a few. You can call me root. |
| hutthutt 6 Messages New Poster |
the 30/01/2013 at 22h06# 06 got it  thanks, was rly tought it was md5 coz i saw the lenght that was 128 and immediatly think about 4 md5 hashes grouped . |
| PapyJok 8 Messages New Poster |
the 28/08/2013 at 16h50# 07 Hi, I've just uncrypt the authz value, but when I replace it in the cookie and refresh my webpage it happens nothing. Did I mess something else? Thanks for your help and have a good day |
| awe 327 Messages Geek |
the 28/08/2013 at 17h25# 08 If you found the authz initial value, it should mean something. From that you can guess what is doing the server with this value, and what value would be expected to become admin. If you replaced the cookie but that nothing happened, you probably didn't try the good value yet. That should be quite obvious I also think that to make it easier I even accept several "good values".My name? I've had a few. You can call me root. |
| PapyJok 8 Messages New Poster |
the 29/08/2013 at 12h26# 09 Hoooo OK I think i see what I have to do now! Thank you i'll test it now  |
| PapyJok 8 Messages New Poster |
the 29/08/2013 at 12h39# 10 Thanks a lot, challenge complete!  |
| FernandoFerestrauar 1 Message New Poster |
the 06/06/2018 at 00h08# 11 Hello,i just can't do that.I don't know how to decode the value. |
| bigsidhu 1 Message New Poster |
the 23/06/2018 at 06h22# 12 Is there any hint on what the word you have to re-encrypt is, I've found the decrypted cookie value and have tried superuser, root, admin, administrator etc. but nothing has worked. |
