Creating a bot account could be interesting for collecting data from an user, making statistics reports by likes/hashtags/locations, getting audience or for account creation. If you are interested in the OSINT section, you can use some of the features that I will discuss later or you can simply use this...
This is the second part of realistic missions created to be exactly like situations you may face in the real world. LEVEL9 Login with the credentials, then we see interesting cookies that we can steal (XSS injection). Going to https://www.hackthissite.org/missions/realistic/9/pm.php, we can send a message to m-crap (owner) and with...
This is the first part of realistic missions created to be exactly like situations you may face in the real world. LEVEL1: Inspect-> Change the value of one of the 1-5 vote options to 100000. LEVEL2 View-source -> https://www.hackthissite.org/missions/realistic/2/update.php -> user: admin, and the pass is a SQL injection: ‘...
Hack This Site is a free, safe and legal training ground for hackers to test and expand their hacking skills. More than just another hacker wargames site, we are a living, breathing community with many active projects in development, with a vast selection of hacking articles and a huge forum...
Weak session IDs We can predict some session IDs to steal information or carry out some malicious operations. LOW - MEDIUM - HIGH: LOW: We see that the dvwaSession cookie increases one unit each time we send a request. $_SESSION[‘last_session_id’]++; . It has no difficulty in getting IDs. MEDIUM: In...
