Hello everyone ,Welcome to the detailed Walkthrough on HackThisSite Basic Web Challenges.Let’s start With Basic Challenge no.1
Our First challenge,it says “Basic test of your skills to see if you can do any of these missions. Requirements:HTML”
So,Let’s get into the challenge.It looks like
Ok It says idiot test.And help says” You must learn HTMl”.Remember,everytime we need to veiw the page source to find some information.So i’m going to take a look at the page source for some information.There we go…
There’s a comment saying that “the first few levels are extremely easy:password os 15a28d63”.So use the password and submit
OK .it says “it is slightly more difficult challenge,involving an incomplete password script.Requirements:Common sense:”
So we need common sense for this challenge.Let’s go to find some
Ok it says “sam coded a password script.But it’s not encrypted .it’s clear text file and it compares the password that user enters.”.Ok.This says sam forgot to upload his script so we can direct hit submit button.
This says “Find a password file in hidden location”.Let’s check page source first.
As you can observe,The value attribute has some information. so let’s open the password.php And it looks like this
So let’s copy the password and submit .
This says “there is an email script that sends the password to the administrator”.Now let’s check the page source once….
So,there is a value “firstname.lastname@example.org” now let’s change that value into our email address and let’s check if anything happens…
OK now let’s Click on “Send password to sam” button.Ok They mailed me the password.
Now let’s copy this paasword and paste it in the input field and then hit the submit button.
Now let’s try click on “send password to sam”.
Now check your mail for the password…
copy the password and submit it.
So this challenge says there is an unknow algorithm that changes the given text.Let’s see..
Now let’s see what happens when we enter a text…So i’ve enteres this “test” and i got this out output “tfuw”…seems strange,But have u oberseved the first letter is constant and the remaining others are different.Now let’s try to compare the both.
those numbers are ascii numbers.and this add +1 to the ascii numerical .Now we already have the password and we have to decrypt it.that means we have to subtract the numbers…Thats it Let’s try..
So here is our password..Copy that and paste and submit…
Now,this says “sam set a script to display a calender and the password is a file and that file is hidden.”Ok let’s try..
So the time Network Security sam has saved his password somewhere else.But he made a script that shows the calender.Now we need to know basic unix/Lunix commands.if we enter a year it. will show the calender corresponding to that year.Now we’ll inject some other command.
type this command “2000;ls”
This will give this..
so there is an unknown php file.copy that and paste it in URL.
there we go .Now let’s copy that password and paste it and submit…
This time sam’s daughter made a php script and the password is hidden as we seen before somewhere else in the server.Now let’s see..It says we need to have a basic understanding of SSI(Server Side Includes).
So this says Sam has his password hidden on the “var/www/hackthisite.org/html/missions/basic/8".Now let’s try to observe what’s happening when we give an input.
When u observe the URL.It’s saving everything in tmp folder.Now let’s try to inject our code…
“<! — #exec cmd=”ls” — >”
it show some .shtml files but our password is not here…Actually it is in the parent folder of tmp..So we have to go one folder behind…
“<! — #exec cmd=”ls ../” — >”
Now this command will show us the files…
So there is our password file…..Copy the file name and paste it in the url.We get the passowrd…
We got the password.Copy it and paste it and submit…
This says the password is again hidden in an unknown file.But the script has some limitations.Let’s see..
OK we can’t use injection in this level because there is no submit form.But according to the description given.actually we can get the password using the level-8.So let’s try this..
Ok i got this .
It’s php file Let’s open the FIle and see what’s inside.
OK we have a password.copy the password and paste it.
This time sam decided to use a temporary and “hidden” approach.Let’s see
So this is the form,But nothing here.So let’s try to give some input so that we can understand what’s going on.
So this saying we are not authorized to view that page..OK let’s try to change the cookie.
This is the cookie Now type this in your Console..
So this will allow to view the page..
So this time sam decided to make a music site.But don’t know much about Apache….
Here is the web page..Nice let’s look at the source code.
Have you observed one thing.The source code is way different than the screenshot above it..So this mean it changes time to time..when we refresh the page.Now let’s do some research about the music albums
OK these are all elton john songs.The is a directory like this.
But there’s nothing here.Now It’s all about apache.There is some data But we can’t see it because we don’t have an access to that data.
It’s a .htaccess file…..
Done for the basic web challenges.See you in realistic web challenges….
Follow for more stuff Like this