HTS Realistic Level 4

Posted by on Jul 30, 2008 in Hack This Site Realistic |

Fischer’s Animal Products The idea here is to find the email addresses stored in the database. The First thing that comes to mind when trying to get information from a database should be an SQL Injection. If you are not sure how SQL Injections work read the post SQL Injection Walkthrough. You will notice that sql injection does work here. If you play around with the site and enter an invalid e-mail address you will get an error that it could...

Read More

HTS Realistic Level 3

Posted by on Jul 30, 2008 in Hack This Site Realistic |

Peace Poetry: Hacked Reading the source code to a page is probably the first thing you should do just to get an idea of what the page is made of. After I read the source code I found this html comment: “Note to the webmaster. This website has been hacked, but not totally destroyed. The old website is still up. I simply copied the old index.html file to oldindex.html and remade this one. Sorry about the inconvenience.” at the bottom....

Read More

HTS Realistic Level 2

Posted by on Jul 30, 2008 in Hack This Site Realistic |

Chicago American Nazi Party This page involves utilizing a SQL Injection Attack. Read the SQL Injection Walkthrough post to understand how this works. Viewing the source code you will notice a link to update.php. This is the link to thier admin site. This page you will enter the sql injection into the username field PgSQL hi' or 1=1-- 1 hi' or...

Read More

HTS Realistic Level 1

Posted by on Jul 30, 2008 in Hack This Site Realistic |

Unlce Arnold’s Local Band Review Querystring manipulation A Querystring is any data in the URL that appears after the page name which will be followed by a question mark (?). All information after this question mark is the querystring. i.e. http://www.site.com/index.php?variable1=[value1]&variable2=[value2] Notice that everything is something = [some text or numbers]. The something is basically a variable that the system is passing,...

Read More