Ok so I gained access to the planet bid users_db and bid_db. (I’m guessing that there is a file/page with the username and password but i can’t find it)
I’ve sent a forgotten password request from safe transfer with the email ( j@.com) of the user ne.
Now I’ve tried at least 20 different with the username ne*** on https://www.hackthis.co.uk/levels/extras/real/4/email_beta/. I’ve looked up the source code and the URL of every pages. I’ve tried to modify the URL like in the previous challenges but still nothing.
I read some thread and some users are talking about an MD5 hash file/page . How do you find it? (hints only please,)
[quote=author]A common password is the users real name, this obviously has its problems, but this is not as bad an idea as it first seems. The use of simple facts that you already know like names, birthdays, ages. These are all very poor passwords on there own but mix them up and you can come up with a killer combination that not only is secure but is also very easy to remember.[/quote]