Sunday 18 October 2015

Solution: HackThisSite - Basic Missions - Basic 3

By Unknown 05:12 , , 1 comment

HTML.. A base of any website.. Our next challenge is based on basic understanding of HTML.. Source code can reveal many important things which sometimes web developers neglect knowingly or unknowingly..

Site: HackThisSite (https://www.hackthissite.org)
Solution: Basic Missions > Basic Level 3


Challenge Description: This time Network Security Sam remembered to upload the password file, but there were deeper problems than that.

So our beloved Sam fixed previous problem this time. But little did he know that users can actually call the files directly and see the output if the validation is not proper. The problem here is that Sam actually uploaded the file, but his coding in the file is to output the password so that password compare script can compare the password in the file with the password entered by user..

As we can see in the source code, there is a file "password.php", this is the file which contains the unencrypted password. Password script will call this file for the password value and compare the result with the value entered by the user.. Well, user can also call the file directly to see what it does.. So let's try that..

Well, the password file just gave it away easily.. Password is: 47442112


If You Enjoyed This, Take 5 Seconds To Share It

1 comment:

  1. jennifer28 April 2020 at 04:17

    Do you need to increase your credit score?
    Do you intend to upgrade your school grade?
    Do you want to hack your cheating spouse Email, whatsapp, Facebook, instagram or any social network?
    Do you need any information concerning any database.
    Do you need to retrieve deleted files?
    Do you need to clear your criminal records or DMV?
    Do you want to remove any site or link from any blog?
    you should contact this hacker, he is reliable and good at the hack jobs..
    contact : onlinehacker4hire at gmail dot com


    ReplyDelete