HackThisSite is a free training site for hackers, as well as for people trying to learn HTML and more. It pits you against several missions or challenges, which you have to solve. Here is a link to my profile on HTS. First of all, create a user account at this site to continue. I will slowly add tutorials for the missions I have already completed. Please use Mozilla Firefox for the missions. Even Chrome has some problems with some missions. Let us start with Basic Missions.
Basic Missions are the thing to start with. There are 10 different levels available, and to pass through them you will have to learn quite a lot (and take my word on it, it is really a wonderful experience).
This is what you see when you log in and click on Basic Mission 1:
With a note that warns you that if you have no idea what this is, you must learn HTML. I too would advise you to learn it. You may solve some missions without it, but sooner or later you will need to learn HTML. So we see a blank box begging for a password, and we don't know the password as yet. What would you do? Let us check the source of the webpage (available under View>>Source in IE, and Ctrl+U in Firefox/Chrome). It gives us an absurd listing. What should we do? Let us search for the word "password" (use Ctrl+F). Do you see something? Now that you have got it, enter the password to earn your first points.
Basic Mission 2 takes it a little higher than just viewing the code.
All right, so he has uploaded the text file too, this time. And the computer will check against the list of passwords in that file. So let us take a look at the source code now. Highlight below to see what is of use to us, or search for it in the source yourself.
So there is a hidden field involved. Now, what exactly is a hidden field? A hidden field in a form is just that: hidden. It remains hidden from the viewer but is viewable in the source. So we see that the field has a value of "password.php". We were earlier told that he has "
So Sam, the admin, has left a loophole in somehow. He has written the password in the script, but in case he forgets the password, he has made another script that mails it to him. And we get a link to that script. Try clicking on the "Send Password To Sam" button. We get a message telling us that "Password reminder successfully sent." Take a look at the address bar. The name of the script appears to be "level4.php". Let us view the code and search for "level4.php":
So Sam has not learned anything from the previous mission on hidden fields. He has gone a step ahead and used another hidden field that stores the value of his email ID. The name of this field is "to". Now let us run the script once again, but change the "to" field. How do we do that? Simple. Save the page on your PC and edit it. Use File->Save As in IE or Mozilla, and then edit the saved page in Notepad. Search for the address we had earlier noted: firstname.lastname@example.org. Change it to anything you like. Then run the page from an open window of the browser that has logged in to your HTS account. Then click on Get Password For Sam. You will get a password; enter it and we are done.
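
The server-side view of this flaw, as an added example that is not part of the original tutorial or of HackThisSite's own code: a Python model of a reminder handler that trusts the form's "to" field, beside one that takes the recipient from server-side configuration and records a mismatch. The address, handler names and form data are constructed for illustration.

```python
# Added illustration: a Python model of a password-reminder handler.
# ADMIN_EMAIL, the handler names and the form dicts are constructed here;
# they are assumptions, not values or code from the site.

ADMIN_EMAIL = "sam@example.org"  # constructed placeholder address


def reminder_trusting_form(form):
    """Weak design: the recipient is whatever the form's 'to' field says."""
    return {"recipient": form["to"], "tampered": None}


def reminder_hardened(form, audit_log):
    """Recipient comes from server-side config; the form field is never used.

    A submitted 'to' that differs from the configured address is recorded,
    so an edited hidden field shows up in the audit log.
    """
    submitted = form.get("to")
    tampered = (
        submitted is not None
        and submitted.strip().lower() != ADMIN_EMAIL
    )
    if tampered:
        audit_log.append({"event": "reminder_to_mismatch", "submitted": submitted})
    return {"recipient": ADMIN_EMAIL, "tampered": tampered}


def demo():
    # Constructed submissions: one untouched, one with the hidden field edited.
    untouched = {"to": ADMIN_EMAIL}
    edited = {"to": "someone.else@example.net"}
    log = []
    return {
        "trusting_untouched": reminder_trusting_form(untouched)["recipient"],
        "trusting_edited": reminder_trusting_form(edited)["recipient"],
        "hardened_untouched": reminder_hardened(untouched, log),
        "hardened_edited": reminder_hardened(edited, log),
        "audit_log": log,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```

The hardened handler would work equally well with no "to" field in the form at all; the field is read only to detect that someone changed it.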
So we have reached level 5. So far we have learned a lot of HTML, and Sam continues as our administrator. The mission says: So Sam did not write his own program. Let us test it. When we click on the button, we see that the password reminder was successfully sent. Where did it go? Let us check the source code again. We see two forms: the first one sends an email to the old address, and the second checks the password we enter. The "to" field is yet again hidden, but we know that the password reminder script is level5.php. Let us try to change the "to" field. How? As we did previously, by saving the page and editing it. We try the old way and get an error: Referrer Error: Please Check Referer (Note: This is not a bug)
Here we get a referer error, which means that the code checks where the page comes from. So this is not the way. Let us think about how we can manipulate the "to" field. Let us use JavaScript injection. What is that? Just wait, and enter the following in your browser's address bar and hit enter: