This is my solution for HackThis. I have done 14% of all the problems and really learnt a lot.And I’m eager to write this article to record some useful ways of hacking.
Main Level 1
Just see the source code,and you will find everything.
Main Level 2
It’s also easy,the answer are also existing in the source code.( under your nose!?...)
Main Level 3
Just make a serch on ‘pass’…
Main Level 4
Do you see the file called “ssap.xml”?
Main Level 5
What a cute cat….Just be in the Script…
Main Level 6
Use element view and add some codes.
Main Level 7
A txt file? Just robot.txt-(The Robots Exclusion Protocol) Web site owners use it to give instructions about their site to web robots.Just visit www.xxx.com/robot.txt
Main Level 8
Also a file.However you should try to find it out…
Basic+ Level 1
An error file?Oh,no ,just decode the file and you will see the file header.Just search it and use file association to match header with file type .Also just visiting http://checkfiletype.com is available. ….
Intermediate Level 1
GET method? Just add some in the URL.
Intermediate Level 2
POST methord?Write a HTML as this:
<form method="post" action="https://www.hackthis.co.uk/levels/intermediate/2"> <input type="text" name="password" value="flubergump"> <input type="submit" value="submit"> </form>
Then all things will be OK.
Intermediate Level 3
Use TempterData to change some value…
Intermediate Level 4
It’s what I struggled on for a long time. First you must know something about PHP and XSS,then you will find that filter is a thing for preventing XSS hacking.Then after inputing many codes ,one thing will be obvious:string like this” from the original string.So just insert’script’ to segment the original string,like this: