Skip to main content

Hack This Site Basic 11


Sam decided to make a music site. Unfortunately he does not understand Apache. This mission is a bit harder than the other basics.
As you may have noticed! when we visit this level all we are given with is some line about song.This line changes on each refresh.From this we assume that this is not the real page we need to visit.But how we find our requirement? There is a tool in Kali Linux called 'Dirb'. But for now Iam using an online service for this
>>URL FUZZER<< . First we give the url and search for files with .php extension.
select start scan.Wait for scan to finish.
So,we have found a file.Now visit it as:
https://www.hackthissite.org/missions/basic/11/index.php

There is our login page.still we are stuck!we don't have the password or any hint in the source code of this page. Lets run another scan on the URL Fuzzer ,this time for directories 
Same way start scan and wait for it to finish.
There are two possible directories. first we try /index/ ..but it seems no change it shows a new line .
Now, try /e/

Found a new directory in it.
/l/ ,and there are more directories /t/,/o/,/n/

in the end we are on a blank page,with just link to parent directory.

We know Sam uses Apache in this website so he must have used .htaccess file
so i tried to check if .htaccess exist in this directory.Yes it is!

https://www.hackthissite.org/missions/basic/11/e/l/t/o/n/.htaccess 

HTACCESS FILE CONTAIN:
IndexIgnore DaAnswer.* .htaccess
<Files .htaccess>
order allow,deny
allow from all
</Files


Here DaAnswer seems suspicious! so lets try it ! add DaAnswer after e/l/t/o/n/









when added DaAnswer,it automatically turned to .txt



https://www.hackthissite.org/missions/basic/11/e/l/t/o/n/DaAnswer.txt



Inside that this line was found:



The answer is around! Just look a little harder.



Next,we have to deduce the answer iam going to try password as  "around"



Yes it is! we have completed the level!



You may have got different password as password chnages



I also got in some tries:



The answer is somewhere close! Just look a little harder.



The answer is not what you think! Just look a little harder.



The answer is short! Just look a little harder.



























Labels:


































Comments











Post a Comment



















Popular posts from this blog





















Hack This Site Basic 8




























     Sam remains confident that an obscured password file is still the best idea, but he screwed up with the calendar program. Sam has saved the unencrypted password file in /var/www/hackthissite.org/html/missions/basic/8/  However, Sam's young daughter Stephanie has just learned to program in PHP. She's talented for her age, but she knows nothing about security. She recently learned about saving files, and she wrote a script to demonstrate her ability.  So, we know the password is stored in some obscured password file.   Lets try the same code as we did in level 7.  But the code 'ls' is not treated as command. so lets try it differently.  Try with aaa;<!--ls-->  it also failed but got a message:   If you are trying to use server side includes to solve the challenge, you are on the right track: but I have limited the commands allowed to ones relevant towards finding the password file for security reasons(because there will always be that one person who decides to 




















2 comments









Read more






























Hack This Site Basic 10




























     Please enter a password to gain access to level 10  Only this much is written as hint.What we should do? I have tried reading the source code and there is no hint how the password is validated.So,we have no other way than intercepting the data.Once we enter the password and hit submit the password along with some request is sent to the server by the browser.There can be very vital information in this request.What we do is intercept this request before it is sent to the server.For this we use "Burp Suit" or some extensions for tampering data.For chrome and firefox,we have tamper data addon.Iam using chrome add on:  Tamper Chrome    HOW TO USE IT?   *Right click somewhere and select inspect.  *Now select the three arrows pointing right on top right corner.        *Now select  Tamper from it(make sure you have added the extension in             chrome).    *Now input some password in out mission or leave it empty and hit submit.  *You will see a new tab with the request det




















Post a Comment









Read more






























Hack This Site Basic 6




























     Network Security Sam has encrypted his password. The encryption system is publically available and can be accessed with this form:  There we have been given with the same encryptor used by Sam .There is no other choice in my mind than guessing the password with the help of this encryptor.  We have Sam's encrypted password already :3ff8;j<9  >Now we need to find by giving which value we get the output as 3.  >when i given 'a' my output was 'a',which means no change.  >So,I tried giving '3' and as expected, answer was 3.  >So i pushed my luck and tried '3f',the first two letters,in encryptor ,Output was '3g'     this was clearly giving us hint.first letter has no change,second letter change by one alphabet or           letter ,clearly from 'abcdefg'  >with this in mind iam giving input for encryption as '3ed',Huraaah!, it was successful and given output as '3ff'.  >now its easy to break down ...




















Post a Comment









Read more