can be a pain in the ass to find thoose sweet little books. But its there in the source somewhere

@Hazique35 You only need common sense and knowledge of how URLs work. Also a little bit of directory content listing.

Alright… I tried to use GET methods, that didnt work out well… So ill try what you were talking about.

I’m blocked on this level from 4 days now… I f*cking do not get it… I see what the code do but I don’t see what I am supposed to do

just see the source code and u will find answer

Yes I know…

Here’s what I understand :

var req, image, status, imagepath; // Variables' declaration

function loadimage(_imagepath) // Loading a function
{
var username= document.getElementById(‘username’).value; // Taking what the user entered in the user case and putting the value on the username variable
var password= document.getElementById(‘password’).value; // Same for password
URL= “members/” + username + “ ” + password + “.htm”; // I don’t really know… Definiting an URL like members/usernamepassword.htm ?
imagepath = URL; // Stocking the URL in a variable called imagepath
document.getElementById(“status”).innerHTML = ‘Checking details…’; // Modifying the text, not important

req = getreq(); // IDK >:
req.onreadystatechange = imagexists; // IDK >:
req.open(“get”, imagepath, true); // IDK >:
req.send(null); // IDK >:
}

function imagexists() {
if(req.readyState == 4) { // If the red.readystate = 4 then
if(req.status == 200) { // If the req.status = 200 then login ->
document.getElementById(“status”).innerHTML = ‘Correct!’;
document.location = “/levels/r2.php?in&user=” + document.getElementById(‘username’).value + “&pass=” + document.getElementById(‘password’).value; // Here I see that I need to enter an URL like http://www.hackthis.co.uk/levels/r2.php?in&user=username&pass=password and validate it to clear the level
} else {
document.getElementById(“status”).innerHTML = ‘Incorrect username/password’;
}
}
}

Here is what I understand in the code, after the //… Any other help or hint please ? :)

Maybe have a closer look at members/ you will find something there!

you dont need to do anything with the javascript. or know anything about the code.

you need to concentrate on this bit of the code. not what you posted.
var username= document.getElementById(‘username’).value;
var password= document.getElementById(‘password’).value;
URL= “members/” + username + “ ” + password + “.htm”;

you just need to understand the url . >> URL= “members/” + username + “ ” + password + “.htm”; look here that might help you a lot

OMG thank you so much I finally found the solution, with your help !

I was focusing on the javascript code like a stupid man…

Thanks ! It was soooo simple :‘)

<3

there’s no need to edit the code :)

im new can some one help i cant figure out the password

god damn that was annoying but rewarding

http://www.hackthis.co.uk/levels/r2.php?in&user=username&pass=password is very important that you understand what this is doing.
The question mark is in effect the get statement : /r2.php?in&user=username is saying, get the user which is equal to the levels user=username and also get he levels pass=password the variables you need to be looking for are ‘user’ & ‘pass’ So to cut a long story short you have to put the correct username into the user variable and the password into the variable pass.

So your answer should be: http://www.hackthis.co.uk/levels/r2.php?in&user=********&pass=********
found ^Username^ & ^Password^

The main part of code you need to understand is this:

    var username= document.getElementById('username').value;  

var password= document.getElementById(‘password’).value;
URL= “members/” + username + “ ” + password + “.htm”;
imagepath = URL;
document.getElementById(“status”).innerHTML = ‘Checking details…’;

What could you find useful to yourself in this core???

took me just 15 mins to get past this level :D. u just have to relax and think…. its easy. focus on URL= “members/” + username + “ ” + password + “.htm”. the answer is right before ur eyes :D

I still don’t get it.. I know i have to change the url but how? I try hunderds ways and they always show me 404not found

then you’ve been really creative. Think simpler…

thats enough !! i cant understand a thing , URL=“members/”+username + “” + password +“.htm”
i cant find the username and pass and i tried www.hackthis.co.uk/levels/real/level2/members/usernamepassword.htm

You didn’t understand the line ;)
username and password are variables so they probably contain a username and a password? Since you can’t guess them you will have to try to find the passwords. You’ve got htm files there, where are those files?

finished it . but thnx a lot !! :) i really appreciate it :D

Oh! Shoot, it was quite easy to solve. Just concentrate on members

travel through the directories, travel and look around…

you don’t even need to view the source code to reveal the login credentials

Humm, to solve the level, try to look at the source code of the page, there is a script. Try to translate the scrip with your own words, you’ll understand it better !

pls spme help i havent find it

What is that thing you are not able to find? the source code? the script?

i havent find the user name and passeword iam getting crazy some help plz

Well, that’s actually part of the challenge… we can’t tell you the solution.
Also, you should try to tell us what you did so far, without posting a spoiler, of course.

I can say that, the MAIN levels will be useful for this part. :D

i go to source code and i find username and password but i havent indrsten them
ps: sorry for bad of my english

You have to understand a bit of html and javascript. Start with the MAIN levels, since they will have a crucial help.

If you have username and password you have to insert them in the proper fields and you should be able to pass the level… if not then probably you have the wrong username:password combination

in main levels i stop in level 4

Actually it is all you need to pass this level…

The user and pass doesn’t have in source code of login page, but in this source code have a information for you find the username and password.

HAHA so easy. Just follow the directory

The best would be if you read through the source properly.
It might lead you to a location they forgot to disallow..

Hope it’s not too much of a spoiler. ;P

Finally found the directory. I just was putting the / in the wrong place. Also is it just me or are the real levels easier than the main levels.

do you have to login with all accounts
bcz i logged in with anna but it is still not completed