Stage One is a simple 24-character code.

Here it is:

=ImYndmbn1ieiBnLmJWdjJmZ

All you need to do is to figure out how to transform this code into a URL.

Then follow your nose to the next stage.

Believe me, it’s not easy (unless you already know how to transform the text!) Hint: The “=” gives it away if you know your Linux.

I’ll post the video solution on New Year’s Eve, 23:59 UTC.

But first, let me point out that when you go to the site, there is always a witty, poignant or otherwise pithy, but often true, quote. Here’s the one I just encountered: “If you ask the government for permission to protest it, you deserve to be told no.” –Manhattan Libertarian Party Chair, Jim Lesczynski.”

OK. So, let’s take the first challenge and see what gives:

Uncle Arnold’s Local Band Review
Your friend is being cheated out of hundreds of dollars. Help him make things even again!
Difficulty rating: Easy.

So, here’s the challenge we get upon entering:

From: HeavyMetalRyan

Message: Hey man, I need a big favour from you. Remember that website I showed you once before? Uncle Arnold’s Band Review Page? Well, a long time ago I made a $500 bet with a friend that my band would be at the top of the list by the end of the year. Well, as you already know, two of my band members have died in a horrendous car accident… but this [expletive deleted] still insists that the bet is on!

I know you’re good with computers and stuff, so I was wondering, is there any way for you to hack this website and make my band on the top of the list? My band is Raging Inferno. Thanks a lot, man!

Sounds like a plan! Let’s get into it. It’s really almost too easy.

Visit the site and view the page source. Note that it uses “v.php” with the GET method to record the votes. There are two hidden inputs: PHPSESSID and id; you’ll need to use both of these. What we’re going to do is use the address bar to pass a very high value to the server and move Raging Inferno to the top.

Copy the value of PHPSESSID and note the id value (yours may be different than what I show here). Using the values for PHPSESSID and id, construct this URL: http://www.hackthissite.org/missions/realistic/1/v.php?PHPSESSID=abcaeadfc31a5c43b2534bf995c0553f&id=3&vote=99 and submit it.

If you’ve done everything right, you’ll see a blue button on the next page that says “Go On.” Clicking that button takes you to the next mission.

Congratulations!

Sam decided to make a music site. Unfortunately he does not understand Apache. This mission is a bit harder than the other basics.

One of the biggest problems people who don’t understand Apache run into is that they end up allowing their directories to be listed. We need to keep that in mind. You’ll see why in a minute.

When you click on the challenge, you’re taken to a page that has a sentence similar to: I love my music! “I Need You to Turn To” is the best! Not much of a clue there, it seems, and where’s the password prompt? And what page are we looking at? Viewing the source produced this:

I love my music!
"Someone Saved My Life Tonight" is the best!

<!--We even have our own collection - if you could find it!-->

Nothing listed for the actual page being viewed which made me think that it’s straight html. So, I tried ../index.php and voila! Got a password prompt. Progress, but a few tries at guessing the password were futile. On a whim, I went back to the original URL, http://www.hackthissite.org/missions/basic/11/, and found that the song name had changed. This time I got:

I love my music!
"Honky Cat" is the best!

<!--We even have our own collection - if you could find it!-->

So, I refreshed the page a few times and kept getting different songs. Like the two above, however, they all had one thing in common: The were songs performed by Elton John. I tried “elton” as the password, but no go, so it’s time to see if we can find .htaccess to see if we can get some answers.

http://www.hackthissite.org/missions/.htaccess – no go
http://www.hackthissite.org/missions/basic/.htaccess – no go
http://www.hackthissite.org/missions/basic/11/.htaccess – no go
http://www.hackthissite.org/missions/basic/11/elton/.htaccess – no go

Convinced that “elton” is the key, I tried an old trick that I’ve seen before and put this in: http://www.hackthissite.org/missions/basic/11/e. I got a listing with the letters b, c, d, e, f, g, and l as other directories. Hmm. . . could it be? I tried http://www.hackthissite.org/missions/basic/11/e/l and the last letter listed was “t.” Pretty obvious now: http://www.hackthissite.org/missions/basic/11/e/l/t/o/n. Nothing listed there, but that has to be where .htaccess is located. Sure enough:

IndexIgnore DaAnswer.* .htaccess
<Files .htaccess>
order allow,deny
allow from all
</Files>

Think “DaAnswer.*” might be it? Yep. http://www.hackthissite.org/missions/basic/11/e/l/t/o/n/DaAnswer gives:

The answer is simple!
Just look a little harder.

The answer is: simple. That’s the password.

Mission accomplished!

Network Security Sam has decided to hard code the password into the script. He also started to use cookies to detect if the user is authorized to advance to the next level. When you enter the correct password, it sets you to authorized, and if you enter an incorrect password, it sets you to unauthorized.

Ever edit a cookie? That’s all you have to do. Read the above challenge again and you’ll see that it tells you exactly how to crack it. I used a Firefox add-on called “Edit Cookies” to accomplish it.

Enter some random password into the field. It won’t be the right one, of course. Now, you have a cookie set on your machine named “level11_authorized” that is set to “no.” Edit the cookie and change the content from “no” to “yes”. After this, you can move to the next level.

Mission accomplished!

(Note: when I went to check this again, I got a message that the site is currently under maintenance: “HackThisSite.org is temporarily offline. We’re currently busy fixing some erroneous code, and will have HackThisSite.org back online as soon as possible. Thanks for your patience! – HackThisSite Staff”)