Posted by: Ken Harthun
Ethical hacking, Fun stuff, Hacking, Password, Security
The other day, I proposed you test out your ethical hacking skills over at HackThisSite. If you didn’t see that post, take a look now: How Are Your Hacking Skills? As promised, I’m publishing my comments and approach to the solution.
Level 1, dubbed “The Idiot Test,” requires that you enter the correct password into a password field in order to continue to the next level. The name itself seemed a giveaway to me, so I started with the obvious, a blank password, and simply clicked the submit button. No joy. Next, I tried ten of the most popular weak passwords in use (take your pick as to which “Top Ten” list you prefer):
None of these worked; it appeared as if the test was going beyond the idiot level. If it’s that simple, it should be obvious, so I took another look at the screen and noticed another subtle clue: “If you have no idea what to do, you must learn HTML.” Hmm. Maybe the page source has a clue. I opened the page source and searched for “password.” Bingo! I found this in the code:
<!-- the first few levels are extremely easy: password is 1e79cde6 –>
Did you figure it out? Hit the comments and let me know.