Skip to main content

HackThisSite : Basics [1- 9 ] | Challenges made by Real hackers


1 to 6 in the above playlist 🔝

 challenge 6 — decryption code : https://github.com/AdithyakrishnaV/Python-for-Penetration-Testing/blob/master/decrypt.py

#hackthissite basic full-section playlist

BASIC 7

  • cal command is the key
  • After a lot of searches, I found this https://www.linuxquestions.org/questions/general-10/unix-cal-command-in-an-odd-situation-370968/
  • The website has set up a script that returns the output from the UNIX cal command. So in the input box, I could type ‘2005’ and hit enter, and it would run the cal command and that year, then return the output on the webpage to view that calendar
  • There is a file (which I don't know the name of) in that dir where the cal command is executed, what would be a possible way to enter something in that text box to find out what the name of it is?
  • Just “ ls ” or “ls -la ” wouldn't work
  • [ cal 2001, cal -y, cal -j ] : this is what happens when we type a year or a flag like “-y” (cal) so type:

2022; ls

  • and it worked
  • Completed

BASIC 8

Server-Side Includes (SSI) Injection:

SSIs are directives present on Web applications used to feed an HTML page with dynamic contents

SSI my detailed medium post:

Hi, au12ha39vc.php index.php level8.php tmp! Your name contains 39 characters.

BASIC 9

Level 9 has no input field and all the levels ara in the same directory so:

come back to level 8 :

<! — #exec cmd=”ls ../../9" →

Comments

Popular posts from this blog

Bug Boundy Methodology, Tools & Resources

Start by defining a clear objective, such as exploiting a remote code execution (RCE) vulnerability or bypassing authentication on your target. Then, consider how you can achieve this goal using various attack vectors like XSS, SSRF, or others - these are simply tools to help you reach your objective. Use the target as how a normal user would, while browsing keep these questions in mind: 1)How does the app pass data? 2)How/where does the app talk about users? 3)Does the app have multi-tenancy or user levels? 4)Does the app have a unique threat model? 5)Has there been past security research & vulnerabilities? 6)How does the app handle XSS, CSRF, and code injection?

Install & set up mitmweb or mitmproxy in Linux

Step 1: Go to the mitmproxy page and download the binaries. Step 2: Install the downloaded tar file with the command " tar -xzf <filename>.tar.gz " Step 3: In the FoxyProxy add the proxy 127.0.0.1:8080  and turn it on. Step 4 : In the terminal run command " ./mitmweb " Step 5: Go to the page  http://mitm.it/   and download the mitmproxy's Certificate. Step 6: If you downloaded the certificate for Firefox, then go to " settings -> Privacy & Security -> Click View Certificates -> Click  Import ", then import the certificate.  Step 7: Now you are ready to capture the web traffic. Step 8 : In terminal run " ./mitmweb"

CISCO devises configuration commands & info CCNA 200–301

  Repository with all the labs and necessary screenshots: GitHub — AdithyakrishnaV/CCNA_200–301: CCNA 200–301 Practical LABS. CCNA (Cisco Certified Network… CCNA 200–301 Practical LABS. CCNA (Cisco Certified Network Associate) is an information technology (IT) certification… github.com Configure the hostname : Router>en Router #conf t Router (config) #hostname R1 R1 (config)# en  is the shortcut for  enable  command. “ennable” is used to enter Privileged EXEC mode conf t  is the shortcut for  configure terminal command. Used to enter the global configuration mode delete or remove Just put a no in front, it is same across all devices. R1(config)#no interface g0 /0.20 show ip interface Checks the status of the interfaces R1(config) #do show ip interface brief Interface IP-Address OK? Method Status Protocol GigabitEthernet0/0 unassigned YES unset administratively down down GigabitEthernet0/1 unassigned ...