hackThisSite
問題 var foo = 5 + 6 * 7 var bar = foo % 8 var moo = bar * 2 var rar = moo / 3 function check(x) { if (x.length == moo) { alert("win!"); window.location += "?lvl_password="+x; } else { alert("fail D:"); } } こんなjavascriptが書いてある。 …
問題 JS Obfuscation. FTW!その後に、例のごとくパスワード入力欄とボタン。 攻略 まぁとりあえず、ボタンに該当する箇所のHTMLを眺める。 <button onclick="javascript:if (document.getElementById("pass").value=="j00w1n"){alert("You WIN! ");window.location += "?lvl_password="+document.getElementById("pass").value}else {alert("WRONG! Try again!")}">Check Passwo…</button>
問題 なし例のごとくパスワード入力欄とボタン。 攻略 JavascriptMission::Idiot Test攻略 - なんというていたらくと同じようにcheck関数を見る。 moo = unescape('%69%6C%6F%76%65%6D%6F%6F'); function check (x) { if (x == moo) { alert("Ahh.. so that'…
問題 Fiftysixer decided to try his hand at javascript! All was going well until he realized that he forgot to remove the unused code, which resulted in a confusing mess. He didn't mind, in fact, he did his best to make it even MORE confusi…
問題 なし例のごとくパスワード入力欄とボタン。 攻略 JavascriptMission::Idiot Test攻略 - なんというていたらくと同じようにcheck関数を見る。 RawrRawr = "moo"; function check(x) { "+RawrRawr+" == "hack_this_site" if (x == ""+RawrRawr+"") { aler…
問題 なしhttp://www.hackthissite.org/missions/javascript/2/にアクセスすると、 自動的にhttp://www.hackthissite.org/missions/javascript/2/fail.phpに飛ばされて、尚かつLogOutさせられる。 攻略 タイトル通り、javascriptを無効にしてあげればよい。 …
次はJavascriptMissionを攻略してみる。 問題 なし例のごとくパスワード入力画面があり、 その下に入力されたパスワードをチェックするボタンがある。 攻略 ボタンに該当するHMTLは以下のようになっている。 <button onclick="javascript:check(document.getElementById('pass').value)">Check Password</button> これは入力されたパスワードを引…
問題 Network Security Sam is going down with the ship - he's determined to keep obscuring the password file, no matter how many times people manage to recover it. This time the file is saved in /var/www/hackthissite.org/html/missions/basic…
問題 リンク元には Sam decided to make a music site. Unfortunately he does not understand Apache. This mission is a bit harder than the other basics.とあり、 http://www.hackthissite.org/missions/basic/11/にアクセスすると、 ただのテキストペ…
問題 なんか上書きされて消えちゃったので再度簡単に 問題文なしいきなりパスワード入れろみたいになってる。 This time Sam used a more temporary and "hidden" approach to authenticating users, but he didn't think about whether or not those users …
問題 Sam remains confident that an obscured password file is still the best idea, but he screwed up with the calendar program. Sam has saved the unencrypted password file in /var/www/hackthissite.org/html/missions/basic/8/ However, Sam's y…
問題 Network Security Sam has encrypted his password. The encryption system is publically available and can be accessed with this form: ... You have recovered his encrypted password. It is:0277<98? 攻略 これは簡単な換字式暗号の解読適当な文…
問題 This time Network Security sam has saved the unencrypted level7 password in an obscurely named file saved in this very directory. In other unrelated news, Sam has set up a script that returns the output from the UNIX cal command. Here…
問題 Sam has gotten wise to all the people who wrote their own forms to get the password. Rather than actually learn the password, he decided to make his email program a little more secure. 攻略 Basic4と同じ方法でいけるので省略。
Hack This Site 先輩がやっていたというので、やってみることにした。 最初はBasicMissionから。 問題 This level is what we call "The Idiot Test", if you can't complete it, don't give up on learning all you can, but, don't go begging to someone …
問題 Network Security Sam set up a password protection script. He made it load the real password from an unencrypted text file and compare it to the password the user enters. However, he neglected to upload the password file... 攻略 問題を…
問題 This time Network Security Sam remembered to upload the password file, but there were deeper problems than that. 攻略 "もっと深刻な問題"からすぐに"fileが閲覧可能"に気づいた。ソース中に <input type="hidden" name="file" value="password.php" /> とあるので、location.href/password.phpに飛べば答…
問題 Sam has gotten wise to all the people who wrote their own forms to get the password. Rather than actually learn the password, he decided to make his email program a little more secure. 攻略 ソースを見れば /missions/basic/4/level4.php…
