HTS Realistic Level 10

Posted by on Oct 16, 2008 in Hack This Site Realistic |

Holy Word High School There are a lot of things going on with this mission and if you have been following my other tutorials you should be all set understanding how to accomplish this mission. It seems Zach is having an issue with his grades at school and has asked us to help him change them. The very first thing we do (and I have been saying this since basic 1) is explore each page and view the source of each page. When I did this I notice that...

Read More

HTS Realistic Level 9

Posted by on Jul 31, 2008 in Hack This Site Realistic |

CrappySoft To complete this mission you will need to understand XSS (Cross-site scripting). I will be posting an extensive overview along with some good sites to reference for XSS. To summarize quickly, Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allows code injection by malicious web users into the web pages viewed by other users. For this mission you want to utilize XSS in...

Read More

HTS Realistic Level 8

Posted by on Jul 30, 2008 in Hack This Site Realistic |

1. Find the account of Gary Hunter (I don’t know his account name). The first objective is to find the account name Gary Hunter. After playing around with the site you come across a user info page. Now you can sit there and guess the username all day but we don’t want to do that. How about we try some SQL Injections first. ' or '1=1' 1 ' or...

Read More

HTS Realistic Level 7

Posted by on Jul 30, 2008 in Hack This Site Realistic |

What’s Right For America While scrubbing through the site you should come across the image directory. When you browse to this directory you will see a folder embedded call /admin. If you were to click on that folder you get an authentication window. By cancelling you will see what they webserver they are running. You will notice at the bottom it is running Apache. Apache uses .htpasswd files to store user names and passwords. Now that you...

Read More

HTS Realistic Level 6

Posted by on Jul 30, 2008 in Hack This Site Realistic |

ToxiCo Industrial Chemicals To complete this mission you need to understand XECryption. After reading that post you should have a good understanding of what XECryption is. Now it is time to apply it. You could spend the time writing your own XECryption decrypter but considering you are reading this post this might be a bit too much. However if you are interested I have written my own. You can read about it here and you can review the...

Read More

HTS Realistic Level 5

Posted by on Jul 30, 2008 in Hack This Site Realistic |

Damn Telemarketers! I can’t stress this enough but one of the first things you should do after viewing every page is to view the source code of every page. Unfortunately for us this reveals nothing. You take a look at the News page and you decied to read it. There are some things in there that you think might give you a clue like the administrator’s girlfriends name. But this is all useless. But then you read: “Google was...

Read More