Hack This Site basic 10: detailed walkthrough
Hello people! You know what we are going to do today. I’ll be solving it along while writing this post so it’ll be a detailed walkthrough. So without any delay let’s begin.
NOTE: I have only done detailed walkthrough of Hack this Site Basic 6-11 because they are relatively tough and wanted to show how one should approach from a beginners perspective. You can easily find solutions for Basic 1-5 by a simple google search but I believe anyone with basic knowledge of HTML and JS can solve them easily.
On inspecting the form using dev tools, action is set to index.php
Let’s submit random text and see what happens in the network tab in dev tools as shown below.
As you can see in the HTTP header of our requests we have submitted
password=hamburger which is certainly not correct and guess what we also see
cookie which says
Cookie: level10_authorized=no; phpbb3_28pla_u=1; phpbb3_28pla_k=; style_cookie=null; HackThisSite=vtahaid0fa6mh64cr720nul9l0; phpbb3_28pla_sid=01c8470df618055839d69bb90c978518
📄 Know the web: http cookie 🍪
Anything interesting over here? Of course
level10_authorized=no. What if we change the cookie value to
now let’s submit an empty input and bingo! you cleared it.
🥳 So it’s time to wrap up the post with a quote
Your mind will answer most questions if you learn to relax and wait for the answer. -William S. Burroughs
#HTS #HackThisSite.org #walkthrough #wargame #CTF