What I learn from HTS today is Directory Traversal Attack (DTA). You might learn from Wikipedia. As a summary DTA is a way of accessing the locations that are not intended to be available to plain user, by using input fields of the website. Generally flaw that makes open to DTA is low sanitizing and input validation of applications.
These are the steps to complete the mission.
- Open the hacked index of the web site and open the source of the index see the bottom comment of the hackers. It means we have original index file as oldindex.html
- Type to ...3/oldindex.html
- Open the source and copy all the source of the page.
- Go to "Submit Poetry" page of the site.
- Type ../index.html as name and paste all the copied content to content part of the form.
- submit. That's all 🙂
At Linux /etc/passwrd file includes information about the user accounts on the operating system. Permissions and password (if not encrypted) related with specific user account are stored here with some extra information. Here is the general structure of the file with the needed explanation to interpret it: Continue reading Hacker's first target file /etc/passwrd on Linux ! Why?
I posted a question to Quora about hackthissite.org 's benefits and reality. I got well defined answer that I want to share with you. Here is the question and the answer.
Question: Do you think hackthissite.org is a good tool to master web hacking?
Answer: Thanks to Frank Smith
The missions on that website are pretty realistic in terms of real world hacking. But if you finish all the missions you will have only scratched the surface of "hacking". There are literally dozens** of site that will provide you similar missions but they all lack one thing, fundamentals. Finishing all the challenges is great but it won't teach you ABCs of security. If you really want to understand Web Application security I recommend Web Application Hackers Handbook. This books is the single best source of learning security for Web Applications.
Since this book only focuses on WebApplications, I would recommend Counter Hack Reloaded as a good counterpart. Its a bit dated (2006) but it goes in great details about fundamentals and covers a huge ground.
**List of sites similar to Hackthissite.org
Today it is the turn for the realistic mission 2 on hackthissite.org.
This mission is all about looking the home page source code. Finding the hidden link on page to directs you to admin page then use basic SQL injection to accomplish the mission.
SQL injection is about typing some malformed values to html forms to make some changes on the application database or get some data that the application owner does not expect us to see them or change. You can learn more about SQL injection from this link.
You need to be able to pass the mission after all the explanation and the reading from the above reference site. If you cannot, it means you need to work some more on hacking the sites. However for the lazy brains here I give the instructions as follows:
- Open the source file of the page.
- See the update.php link on the source. It is hidden on the visuals on the page.
- Find the hidden link and click on it to go to admin login page.
- Now use one of the tricks that you know about sql injection. I used this for both input x' OR 1 = 1;
That's all 🙂
After I pass the basic missions on hackthissite here is the first realistic mission solution of the hackhissite.org. You can see the mission from here.
It is really easy mission if you know about the value passing from the URL of the page to Continue reading PHP parameter trick on hackthissite.org "Realistic Mission 1"