Hack This Site Basic 1–11 Missions Write-Up

Hello everyone! I solved all the basic missions on HackThisSite. I want to share with you how I solved it. I hope that it will be useful for you :)

Basic 1

  • I clicked to view of source code in page. And I saw that there is password.

Basic 2

I clicked to submit button. And I logged in. Because coder did not define any password. He didn’t set any password. I logged in without any security mechanism.

Basic 3

-I clicked to view of source code in page. I saw that there is password.php directory.

  • I visited this directory. And I saw that there is password.

Basic 4

  • He assigned value in the Elements. I can change those element in the page.

-I changed with my Email.

-Then I saw this notification.

-Then I cheched my email box. And I saw that there is password reminder.

Basic 5

-I used BurpSuite to solve this problem. I intercepted data between server and user.

- Then I changed with my email.

- I released the data. Password reset message came to my mail.

Basic 6

I tried to encrypt 12345 and the encrypted string was 13579.

so by analyzing this, I got that

the first will be as it is

the second will be incremented by 1

the third will be incremented by 2

the fourth will be incremented by 3 and so on

  • I checked in ASCEE table. And I found 4b5g7>=m password.

Basic 7

  • This form is not secured. Indeed, I can inject commands in the date field. Try to enter “;ls -l”.
  • -It will produce a calendar and the result of our command. We see a file named “k1kh31b1n55h.php”.

Basic 8

This time I had to inject the server, so writing

  • Produces a file containing au12ha39vc.php.
  • -Add this file in the URL to discover the password: .

Basic 9

-I have to back to challenge 8' page

and inject this “<! — #exec cmd=”ls ../../9” — ->”

-The result of the previous command is as shown in the picture below

-Go to p91e283zc3.php, and I found the password.

Basic 10

I intercepted cookie. I saw that level_authorized is No.

  • I changed with “yes” this value.

Basic 11

  • -So, I have found a file.Now visit it as:
  • There is our login page.still we are stuck!we don’t have the password or any hint in the source code of this page. Lets run another scan on the URL Fuzzer ,this time for directories
  • There are two possible directories. first we try /index/ ..but it seems no change it shows a new line .
  • Now, try /e/
  • Found a new directory in it.
  • /l/ ,and there are more directories /t/,/o/,/n/
  • in the end we are on a blank page,with just link to parent directory.
  • Here DaAnswer seems suspicious! so lets try it ! add DaAnswer after e/l/t/o/n/

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store