Security Corner

Sep 16 2009   6:38PM GMT

Hacking Skills Challenge-Level 3



Posted by: Ken Harthun
Tags:
Ethical hacking
Hacking
Password
Security
Vulnerabilities

My most recent post, Hacker Skills Help Save a Client’s PC, is a real-life practical example of how honing (or developing) your hacking skills can help you better serve your clients. So if you haven’t gotten around to it yet, mosey on over to HackThisSite.org, create an account and get started on the basic missions. They’re pretty simple, but if you don’t know a thing about hacking, you’ll be challenged.

Did you figure out level 3 of the HackThisSite.org Basic Missions? Here’s the mission:

This time Network Security Sam remembered to upload the password file, but there were deeper problems than that.

Recall that Sam forgot the password file the last time and so the script that checked for the file returned a <null> value—a blank password. This time, he remembered to upload the password file, which, if you look at the source code for the page, is password.php. In the last challenge, we were told that the password file was not encrypted. I wonder if we can open password.php? Let’s copy the URL of the challenge page and append “password.php” to it: http://www.hackthissite.org/missions/basic/3/password.php. Voila! The page opens, revealing 792debbc as the password.

Mission accomplished.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: