LEVEL 5
To pass this level, download this Visual Basic 3.0 program and enter the correct username/password to proceed to the next level.
Solution:
- Download the file first, and we have to unzip it before we can use it.
Link:
http://try2hack.nl/levels/level5.zip
File list:
LEVEL5.TXT, LEVEL5.EXE - In the TXT file, it contains the message like below to tell us going to download the runtime dll.
TXT Content:
Get a runtime at: http://support.microsoft.com/support/vbasic/runtime.asp
Good luck!
Link:
http://support.microsoft.com/kb/196285
http://download.microsoft.com/download/vb30/utility/1/w9xnt4/en-us/vb3run.exe - After we put the dll file (Vbrun300.dll) together with LEVEL5.EXE, we can execute LEVEL5.EXE correctly without any error message.
- Since we have to figure out the username and password in this level, we need the following tools to help us pass the challenge.
VB 3.0 decompiler:
http://vbdis4.angelfire.com/ - Decompiled 'LEVEL5.EXE' and we could obtain the following files.
[LEVEL5.MAK] :
LEVEL5.FRM
main.txt
Module1.BAS
ProjWinSize=152,402,248,215
Title="LEVEL5"
ExeName="level5.exe"
[MAIN.TXT] :
' main.txt - global definitions
Global Const gc0006 = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ.,:;-*+=~|&!_$#@()[]{}<\/>"
Global Const gc000A = "http://www.try2hack.nl/levels/level6-ksghvb.xhtml"
[MODULE1.BAS] :
' Module1
Option Explicit
Const mc000A = " txtUsername=AlmostAHacker "
Const mc000E = " txtPassword=ZqrE01A2d "
[LEVEL5.BAS] :
' LEVEL5.FRM
Option Explicit
Sub cmdLogin_Click ()
If edtUsername = Mid(gc0006, 56, 1) & Mid(gc0006, 28, 1) & Mid(gc0006, 35, 1) & Mid(gc0006, 3, 1) & Mid(gc0006, 44, 1) & Mid(gc0006, 11, 1) & Mid(gc0006, 13, 1) & Mid(gc0006, 21, 1) Then
If edtPassword = Mid(gc0006, 45, 1) & Mid(gc0006, 48, 1) & Mid(gc0006, 25, 1) & Mid(gc0006, 32, 1) & Mid(gc0006, 15, 1) & Mid(gc0006, 40, 1) & Mid(gc0006, 25, 1) & Mid(gc0006, 14, 1) & Mid(gc0006, 19, 1) Then
MsgBox "Level 6 can be found at: " & Left$(gc000A, 37) & Mid(gc0006, 21, 1) & Mid(gc0006, 14, 1) & Mid(gc0006, 29, 1) & Mid(gc0006, 32, 1) & Mid(gc0006, 12, 1) & Mid(gc0006, 14, 1) & Mid(gc000A, 44, 6), 0, "Horray!"
End
End If
End If
MsgBox "Invalid username and/or password!", 0, "ERROR!"
End Sub
Sub Form_Load ()
Me.Move (Screen.Width - Me.Width) / 2, (Screen.Height - Me.Height) / 2
End Sub
... - Now, you must probably think that "Yes, we got the username, password and the URL to next challenge". Unfortunately, they are misleading information for us.
- Actually, the true username, password and URL are hided in 'LEVEL5.BAS' file. When we click the 'Login' button, the program will fetch the true username and password from the variable 'gc0006' to do comparison. Below is the detail of visual basic Mid function.
Mid Function (Visual Basic) :
http://msdn.microsoft.com/en-us/library/05e63829(v=vs.80).aspx - Finally, the correct username, password and URL are like below. It's done!!
username: Try2Hack
password: ILoveDodi
Level 6 link: http://www.try2hack.nl/levels/level6-kdsvbd.xhtml
How did you get the end product?
ReplyDelete