Hack This Site Basic 7

Hello and welcome to the solution of the 7th basic mission of HTS, this one is fairly easy if you have already used Linux (which I highly recommend over windows or mac), since the key to achieve this mission relays on your knowledge of basic UNIX commands and also on combining commands.

Now back to our mission, in this one, network security Sam practices security through the ignorance of hackers. as for protecting his password, he has hidden it in a script with an obscure file name, but in “unrelated” news he has made a script that returns the output of the Linux command “cal“, and what this command does, is that it displays a simple calendar. This is where combining commands comes in handy.

Indeed, by appending the combining command “&&” and the UNIX command “ls” we can do a full listing of the current directory, this is the output that I got (after entering “&& ls”):

        August 2008
Mon Tue Wed Thu Fri Sat Sun
                  1   2   3
  4   5   6   7   8   9  10
 11  12  13  14  15  16  17
 18  19  20  21  22  23  24
 25  26  27  28  29  30  31

.
..

level7.php
cal.pl
.htaccess
k1kh31b1n55h.php
index.php

Got it! the file that contains our password is “k1kh31b1n55h.php” now we must view it’s content, once done, just enter the password and you’ll have access to the 8th mission of HTS.

Hack This Site Basic 6

With this mission things are gettin harder cause now network security sam is using an encryption algorithme, and to bypass his brand new security measure we have to decipher the encrypted password. to help us in our task we have a working cipherer make thing easier.

the first thing that some of you may notice is that they have said that “the encryption system is publically available”, we suppose that it’s a well known one, indeed, cause the enryption algorithme is called “caesar” (for more informations about this one, check wikipedia’s entry) but with a minor change, cause the encryption key is variable, it is the place number that a letter occupies within our string, Ithink that an example would clafiry things better:

With the original caesar cipher and an encryption key of 3:

original string : abcd123
encrypted string : defg456

With the one used in HTS:

original string : abcd123
encrypted string :aceg579

How ?

Since “a” was in the 1st place the key is “0″ which means : no subtitution.
And “b” which was in the 2nd place the key is “1″ which means: “b” moved by +1 = “c”.
finally “c” which was in the 3rd place, the key is “2″  which means: “c” moved by +2 = “e”.

and so on for the other letters and numbers.

Decoding the encrypted password “d4e98i6>“:

“d” remains “d ” (remember the key is zero)
“4″ moved by “-1″ will give a “3″
“e” moved by “-2″ will give a “c”
“9″ moved by “-3″ will give a “6″
“8″ moved by “-4″ will give a “4″
“i” moved by “-5″ will give a “d”
“6″ moved by “-6″ will give a “0″
“>” moved by “-7″ will give a “7″ (Check ASCII’s Wikipedia entry)

the  Decrypted password is “d3c64d07“

Once again we have defeated Sam at his own game. after deciphring the encrypted password, all we have to do now is to enter it and welcome to the 7th mission.

Hack This Site basic 5

This mission is very easy, especially if you are using firefox and the “Tamper data” add-on. All you have to do to pass this mission is to modify the hidden “to” field in the first form on the page (you can see it by viewing the source of the web page Ctrl + U under firefox), and to do this open Tamper data (Tools -> Tamper data), then hit the “Start tamper” button. Now, go back the to mission page and click on the “Send password to Sam” button

click on the “Tamper” button

now throw in any email address you want, once done you will get Sam’s password, enter it, congratz you’ve completed the 5th basic mission of HTS.

Hack This Site Basic 4

In this mission which is just a little bit complicated, there are two ways to achieve it: the short way and the long way, but don’t worry, both are easy and all you need is firefox for the first method, or some knowledge of HTML for the second one.

Method I:

As I said before we’ll need firefox (my favorite browser ) and an add-on called “Tamper Data”, and what this basically do is it intercepts all kind of requests made by the browser and let you change requests headers, requests params (post/get) and much more.

after installing Firefox (if you don’t already have it), we’ll install this add-on, and to do so navigate to this page : https://addons.mozilla.org/en-US/firefox/addon/966 and click the “Add to Firefox” button. Or go to the menu Tools -> Add-ons then do a search for “Tamper Data” then follow the instructions on the screen for installing it.

Now we’re ready for the forth mission of HTS, as always you are asked to find a password that will grant you access to the next level, but this time the network security: Sam has written a script that will send him the password in case he forgot it. To bypass his protection go to the Tools menu -> Tamper Data  and hit the “Start tamper” button,

now for every request this add-on will ask you if you want to modify the request or send it unchanged. in our case we want to change the request so we’ll hit the tamper button. now you can see all the details of the request but only one detail interests us which is the “to” post parameter.

Change it’s value to any email address, now you can access the next level.

Method II;

for this second method we need to create a web page that will contain our form with the modified “to” post parameter. our page source should look like this :

mission4.html

<form action="http://www.hackthissite.org/missions/basic/4/level4.php" method="post">
<input name="to" type="hidden" value="whatever@youwant.com" />
<input type="submit" value="show me the password" />
</form>


now load this page into your favorite browser and click on the button and you should see the password, enter it, Congratz, you have completed this 4th mission.

Other ways : there are also other ways to achieve this mission like using JavaScript to modify the page on the fly, it’s up to you to choose which one you wanna use.