Back again with another Hack This Site article, please check out my other posts in this series part 1 and part 2. This time we are taking on the basic web challenge level 3. This challenge involves some knowledge of how web applications are structure. Most web applications use a hierarchical layering whereby the first page you find will tend to be in the first directory. Then sub directories may contain other information. For instance if I wanted to access the about section of a web application I would visit https://haxez.org/about/ where haxez.org is the root and about is a page.
After logging in to the site and navigating to the basic challenges. Select level 3. It will say the following.
“This time Network Security Sam remembered to upload the password file, but there were deeper problems than that”.
The blurbs of text try to give us a clue about how to solve the challenge. On this particular challenge the word deeper stuck out to me. What could they mean by going deeper? These challenges were out before the movie inception so it can’t be a reference to that.
By going deeper in the directory structure or the file path structure, the user should be able to retrieve the password. By visiting https://www.hackthissite.org/missions/basic/3/password.php and viewing the page source you should be able to retrieve the location of the password.
Navigating to the password.php file in your browsers URL should bring up a blank page. However viewing the page source of that page should show you a string of numbers and letters.
Copying the password and pressing back to go back to the password submission page will allow you to submit the password and complete the challenge.
This is a good example of what to look for in web application tests and how easy things can be overlooked. By mapping out the directory structure you not only get a clearer picture on how the application works, but you also might find something interesting like login pages, sitemaps or robots.txt files with sensitive information.
Thats all for now, see you next time.