Hack This Site is a free, safe and legal training ground for hackers to test and expand their hacking skills. More than just another hacker wargames site, we are a living, breathing community with many active projects in development, with a vast selection of hacking articles and a huge forum where users can discuss hacking, network security, and just about everything. Tune in to the hacker underground and get involved with the project.

HackThisSite has several challenges in different categories, in this section we will start with the Basic Missions solutions. This is a good start if this is your first time playing CTFs, they are quite easy exercises.

In these missions we will mainly use view-source, inspect element and cookie modification.

LEVEL1

view-source

LEVEL2

We can read: “However, he neglected to upload the password file…”, which means there’s no password.

LEVEL3

view-source -> https://www.hackthissite.org/missions/basic/3/password.php

LEVEL4-5

Change the email with yours using Inspect and click on “Send password to Sam”.

LEVEL6

If we try to encrypt the word “hola”, we get hpnd. Our encrypted password is 8 letters long, so let’s write for example “hellowyd” and we get: ‘hfnos|k’. With the table from http://www.asciitable.com/ we try to guess how many positions have been moved in each letter. h-h 0 positions e-f 1 positions l-n 2 positions l-o 3 positions …

We can analyze the position of each letter, and we observe that going letter by letter, the position displacement increases +1. In other words, in our case the encrypted pass is “ec29;g?=”, so to have the pass we would have to move 0pos for the first letter, -1pos for the second, -2pos… Solution: eb067b96.

LEVEL7

“This time Network Security sam has saved the unencrypted level7 password in an obscurely named file saved in this very directory.” It seems a command injection, injecting: “;ls -la”, we get: https://www.hackthissite.org/missions/basic/7/k1kh31b1n55h.php

LEVEL8

We must find the unencrypted pass file. First of all we see how this level works, we put our name and we get a temporary url: https://www.hackthissite.org/missions/basic/8/tmp/blwplozp.shtml. Using shtml injection, <.!–#exec cmd=”ls” –>, we see several files but the pass doesn’t appear. If we go to the parent directory, <.!–#exec cmd=”ls ../”–>, a php file appears https://www.hackthissite.org/missions/basic/8/au12ha39vc.php -> pass: 5a529784.

LEVEL9

As the mission indicates, the file can be obtained with level 8. So let’s go to level 8 - directory 9: <.!–#exec cmd=”ls ../../9”–>. https://www.hackthissite.org/missions/basic/9/p91e283zc3.php -> PASS: a0baf0da.

LEVEL10

Change the cookie level10_authorited to yes.

LEVEL11

Going to index.php looks like we need a password. We can search more directories with fuzzer where we can get https://www.hackthissite.org/missions/basic/11/e/l/t/o/n/ but no file appears. We know that Apache is used, so we can access to https://www.hackthissite.org/missions/basic/11/e/l/t/o/n/.htaccess where it appears: IndexIgnore DaAnswer.* .htaccess. https://www.hackthissite.org/missions/basic/11/e/l/t/o/n/DaAnswer -> The answer is short! Just look a little harder. -> short.