Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Level 1 ~
- There was an encoded string in HTML source of /index.php -- http://prntscr.com/9urzoa
- "==AZRRmLzRXaRlWUvBjS" So you can see that it -->begins<-- with two equal signs(==)
- So it's base64 reversed .. let's reverse it (manually, strrev('==AZRRmLzRXaRlWUvBjS'), '==AZRRmLzRXaRlWUvBjS'[::-1] .. etc) -- http://prntscr.com/9us3al
- "SjBvUWlRaXRzLmRRZA==" Now it looks like plain base64 so you have to decode it (HackBar, base64_decode() base64.b64decode() .. etc) -- http://prntscr.com/9us2ti
- "J0oQiQits.dQd" .. There is also a form, a encrypter in /index.php .. so we can assume that this string is encrypted using that encrypter
- and that form only encrypts alphabets (A-Za-z) so we just have to see it converts what to what -- http://prntscr.com/9us5ga
- Now we know how it works so we have to decrypt "J0oQiQits.dQd" this .. we can do this manually or we can code something to do that for us -- http://prntscr.com/9us7s9
- [code]
- <?php
- echo strtr('J0oQiQits.dQd', 'HxPjBkyELzXqwCgvlGDaYpVuhOFRbKSZoQtifJrsNdnWMemTUcAI', 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz');
- ?>
- or
- <?php
- echo strtr(base64_decode(strrev('==AZRRmLzRXaRlWUvBjS')), 'HxPjBkyELzXqwCgvlGDaYpVuhOFRbKSZoQtifJrsNdnWMemTUcAI', 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'); # To "decode it in one shot" :v
- ?>
- [/code]
- Solution for Level 1 ~ l0ghjhjin.php
- Level 2 ~
- Let's look at the source -- http://prntscr.com/9usa9c
- l0ghjhjin.php?log -- http://prntscr.com/9v1nn7
- So we just have to add a few headers and set their values to "151.51.202.22" ..
- ------------------------------------
- Client-IP=151.51.202.22 |
- X-Forwarded-For=151.51.202.22 |
- X-Forwarded=151.51.202.22 |
- X-Cluster-Client-IP=151.51.202.22 | --> You have to try everyone of them .. after you do that you'll see that
- Forwarded-For=151.51.202.22 | the actual header it's looking for is "Via" ..
- Forwarded=151.51.202.22 |
- Via=151.51.202.22 |
- ------------------------------------
- So the solution for Level 2 is Via=151.51.202.22
- Level 3 ~
- Let's look at the source .. There's an image saying "Teh end is near" and then there's a comment "Is it?" .. http://prntscr.com/9v1rcv
- There's no hints but you can see that all the other images in the challenge were hosted on a different site except this one, it's on the same site ..
- So maybe there's something hidden in it .. http://prntscr.com/9v1sd8
- dhink4chik4.php
- Solution for Level 3: Path to Level 4? was hidden in Image's EXIF->(Camera Make)
- Level 4:
- There's no level 4 :v -- http://prntscr.com/9v1t53
- You just had to post your html content + leety name to generate a .html ^_^
- Regards,
- ~ AnonGuy
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement