hackthissite basic 1-11
Source: Internet  Published under: 云计算的几种形式  Editor: 程序博客网  Time: 2024/04/30 11:15
//url:www.hackthissite.org
Level 1
This level is what we call "The Idiot Test", if you can't complete it, don't give up on learning all you can, but, don't go begging to someone else for the answer, that's one way to get you hated/made fun of. Enter the password and you can continue.
Right-click and view the page source; the password is written in an HTML comment:
This level is what we call "The Idiot Test", if you can't complete it, don't give up on learning all you can, but, don't go begging to someone else for the answer, thats one way to get you hated/made fun of. Enter the password and you can continue. <br /><br />
<!-- the first few levels are extremely easy: password is 84c72242 -->
<center><b>password:</b><br /><form action="/missions/basic/1/index.php" method="post"><input type="password" name="password" /><br /><br /><input type="submit" value="submit" /></form></center>
<center><table border="0" width="80%" cellspacing="0" cellpadding="0">
The password is 84c72242.
Level 2
Network Security Sam set up a password protection script. He made it load the real password from an unencrypted text file and compare it to the password the user enters. However, he neglected to upload the password file...
Sam never uploaded the password file, so the script ends up comparing the submitted password against an empty value: leave the field blank and just submit.
Level 3
This time Network Security Sam remembered to upload the password file, but there were deeper problems than that.
View the page source:
<br /><center><b>Level 3</b></center><br />This time Network Security Sam remembered to upload the password file, but there were deeper problems than that.<br /><br /><center><b>Password:</b><br />
<form action="/missions/basic/3/index.php" method="post">
<input type="hidden" name="file" value="password.php" />
<input type="password" name="password" /><br /><br />
<input type="submit" value="submit" /></form>
The hidden form field names the password file. Open http://www.hackthissite.org/missions/basic/3/password.php and you get the password 9a1d3a50.
Level 4
This time Sam hardcoded the password into the script. However, the password is long and complex, and Sam is often forgetful. So he wrote a script that would email his password to him automatically in case he forgot. Here is the script:
Level 6
Network Security Sam has encrypted his password. The encryption system is publically available and can be accessed with this form:
Please enter a string to have it encrypted.
You have recovered his encrypted password. It is:
d7dh=9;8
Decrypt the password and enter it below to advance to the next level.
Infer the encryption algorithm by submitting several test strings to the form. The result: the first character's ASCII value has 0 added, the second has 1 added, the third 2, and so on. Undo the shift on each position of the recovered string (subtract the position index from each character code) and you have the password.
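The inferred scheme in code, as an added Python example (not code from this page or from HackThisSite): encrypt applies the per-position shift, decrypt reverses it, and infer_shifts shows how the offsets can be read back from a single probe string, which is the step the walkthrough performs by hand with several test strings. It assumes the shift is plain addition on the character code with no wraparound, which is all the page's observations show; function names are mine. Applied to the recovered string d7dh=9;8 it yields d6be9451.

```python
RECOVERED = "d7dh=9;8"   # the encrypted password quoted on the mission page


def encrypt(plaintext):
    """Behaviour inferred from the level 6 form: the character at index i
    has i added to its character code (assumed: plain addition, no wrap)."""
    return "".join(chr(ord(c) + i) for i, c in enumerate(plaintext))


def decrypt(ciphertext):
    """Inverse of encrypt: subtract the index from each character."""
    return "".join(chr(ord(c) - i) for i, c in enumerate(ciphertext))


def infer_shifts(oracle, probe="AAAAAAAA"):
    """Black-box step the walkthrough does by hand: feed the encryption
    form a string of one repeated character and read the per-position
    offset off the result. `oracle` stands in for the web form."""
    out = oracle(probe)
    return [ord(o) - ord(p) for o, p in zip(out, probe)]


def recover_password(ciphertext, oracle):
    """Recover the shifts from the oracle, then undo them on the ciphertext.
    Works for any per-position additive shift, not only 0, 1, 2, ..."""
    shifts = infer_shifts(oracle, "A" * len(ciphertext))
    return "".join(chr(ord(c) - s) for c, s in zip(ciphertext, shifts))


if __name__ == "__main__":
    print(infer_shifts(encrypt))                   # [0, 1, 2, 3, 4, 5, 6, 7]
    print(recover_password(RECOVERED, encrypt))    # d6be9451
```

recover_password does not assume the offsets are 0, 1, 2, ...; it measures them from the oracle, so the same code would work if the form used some other fixed per-position shift.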
Level 7
This time Network Security sam has saved the unencrypted level7 password in an obscurely named file saved in this very directory.
In other unrelated news, Sam has set up a script that returns the output from the UNIX cal command. Here is the script:
Enter the year you wish to view and hit 'view'.
The script wraps the UNIX cal command: entering 2000 returns the output of cal 2000. Entering 2015;ls therefore runs two commands, cal 2015 and then ls. Hit view and the calendar is followed by a directory listing containing a few php files. Since the problem says the password is in "an obscurely named file", request k1kh31b1n55h.php from the address bar and you get the password.
Level 8
Sam remains confident that an obscured password file is still the best idea, but he screwed up with the calendar program. Sam has saved the unencrypted password file in /var/www/hackthissite.org/html/missions/basic/8/
Enter your name:
Level 9
Network Security Sam is going down with the ship - he's determined to keep obscuring the password file, no matter how many times people manage to recover it. This time the file is saved in /var/www/hackthissite.org/html/missions/basic/9/.
In the last level, however, in my attempt to limit people to using server side includes to display the directory listing to level 8 only, I have mistakenly screwed up somewhere.. there is a way to get the obscured level 9 password. See if you can figure out how...
This level seems a lot trickier than it actually is, and it helps to have an understanding of how the script validates the user's input. The script finds the first occurrence of '<--', and looks to see what follows directly after it.
The same technique as level 8: the name submitted to the level 8 form is written into a page that the server processes for server side includes, so an SSI directive entered as the name gets executed. Enter <!--#exec cmd="ls ../../9"--> in the level 8 name box to get the listing of the level 9 directory, where the obscured password file lives, and that's it.
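A parser for the directives the level 8 and 9 forms end up executing, as an added Python example (not the mission's code): find_ssi_directives extracts Apache-style <!--#exec ...--> and <!--#include ...--> directives from a submitted name, classify reports which of them run a command or climb out of the mission's own directory, and store_name_safely is the fix, escaping the name before it is written into an SSI-processed page. Names are mine; the sample payload is the one from the walkthrough, and the directive grammar assumed is the mod_include form shown in the comments.

```python
import html
import re

# Apache mod_include directive syntax (assumed), e.g.
#   <!--#exec cmd="ls" -->     <!--#include virtual="/missions/x.shtml" -->
DIRECTIVE = re.compile(r'<!--#(\w+)((?:\s+\w+="[^"]*")*)\s*-->')
ATTRIBUTE = re.compile(r'(\w+)="([^"]*)"')

# Constructed sample: the name-field payload from the walkthrough.
LEVEL9_PAYLOAD = '<!--#exec cmd="ls ../../9"-->'


def find_ssi_directives(text):
    """Every SSI directive in text, as (element, {attribute: value})."""
    return [(m.group(1), dict(ATTRIBUTE.findall(m.group(2))))
            for m in DIRECTIVE.finditer(text)]


def leaves_mission_dir(argument):
    """True if a command argument or include path is absolute or climbs to
    a parent directory, which is how a level 8 form is made to list level 9."""
    return any(part.startswith("..") or part.startswith("/")
               for part in argument.split())


def classify(name_field):
    """Vulnerable side: what an SSI-processed .shtml page would do if the
    submitted name were written into it verbatim."""
    report = []
    for element, attrs in find_ssi_directives(name_field):
        if element == "exec":
            argument = attrs.get("cmd", "")
        elif element == "include":
            argument = attrs.get("virtual") or attrs.get("file", "")
        else:
            continue
        report.append((element, argument, leaves_mission_dir(argument)))
    return report


def store_name_safely(name_field):
    """Hardened side: escape the name before it is written into the page,
    so '<!--#' can no longer form a directive."""
    return html.escape(name_field, quote=True)


if __name__ == "__main__":
    print(classify(LEVEL9_PAYLOAD))                      # [('exec', 'ls ../../9', True)]
    print(classify(store_name_safely(LEVEL9_PAYLOAD)))   # []
```

Escaping on output is the durable fix; a check that only inspects what follows the first comment marker, as the level 9 hint describes, is a blacklist that has to anticipate every way of writing the directive.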
Level 10
Enter password
Please enter a password to gain access to level 10
Click submit and the page says You are not authorized to view this page. Look at the hackthissite cookies: level10_authorized has the value no. Change it to yes and go back to this level, and you are through. (I use Chrome and changed the cookie value in the console; I don't know FF well.)
Level 11
Opening the page shows text such as
I love my music! "Gulliver/Hay-Chewed/Reprise" is the best!
Refresh the page and the song title changes. Searching for these songs shows they are all by the same singer, "Elton John". After several tries it turns out that appending e/l/t/o/n to the URL opens a new page; the .htaccess file in that directory is not protected, and it gives away the password. Open https://www.hackthissite.org/missions/basic/11/index.php, enter the password, and the level is cleared.