What is it? @.@

Here is the place where I record some tactics about wargame, systems, and other security issues.

2012-11-02

TRY2HACK - Level 4

Description:

LEVEL 4
Solution:
  1. There is a java applet in this challenge. 
    <!--[if !IE]>-->
  <object classid="java:PasswdLevel4.class" type="application/x-java-applet" height="370" width="330" >
<!--<![endif]-->
  <object classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93" codebase="http://java.sun.com/update/1.6.0/jinstall-6u10-windows-i586.cab" height="370" width="330" > 
    <param name="code" value="PasswdLevel4" />
  </object> 
<!--[if !IE]>-->
  </object>
<!--<![endif]-->
  2. Let's download the Java class to check it out. Use a Java Decompiler to decompile the class file.
    The decompiled code:
  3. In the code you could find the URL like below. 
    ...
    infile = new String("level4");
try
{
    inURL = new URL(getCodeBase(), infile);
}
catch(MalformedURLException _ex)
{
    getAppletContext().showStatus("Bad Counter URL:" + inURL);
}
...
  4. Okay, let's check the file now. hxxp://try2hack.nl/levels/level4
    level5-fdvbdf.xhtml
    appletking
    pieceofcake
  5. It's done!!
Posted by at Labels: , , ,

3 comments:

  1. Unknown3/14/2015 02:49:00 PM

    Hey There. I discovered your bolg is so impressive. That is a very well written article.I will be sure to bookmark it and come back to learn extra of your helpful info. Thanks for the post. I will certainly return.
    Thanks
    Susanne Green
    medical assistant

    ReplyDelete
  2. alex10/20/2020 07:19:00 AM

    Great post.
    https://clyp.it/user/rpe3z1o2

    ReplyDelete
  3. antonio6/04/2021 01:40:00 AM

    Great post.
    https://my.desktopnexus.com/JohnJohnsonn/

    ReplyDelete

Subscribe to: Post Comments (Atom)