Saturday, August 15, 2009

hack this site basic 11

In this 11th mission we are dealing with a misconfigured music website. Appending "index.php" to the URL brings up a page that asks for the correct password, which we don't have ... yet.

One thing you may have noticed is that every time you refresh the page you get a new song name. This may seem random, but it's not: a little googling shows that all of these songs were performed by Elton John. Now that we know that, we have to find out how the music collection is organized on the server. After many tries I found that the songs are stored in one-letter-per-directory paths, so trying every combination is a waste of time: we already know where to look, and our password is under http://www.hackthissite.org/missions/basic/11/e/l/t/o/n/

When you get there the directory listing looks empty, but it isn't. There is a hidden file in it named ".htaccess", the file Apache reads for directory-level configuration. You can still request a file by name even when the listing does not show it, so open http://www.hackthissite.org/missions/basic/11/e/l/t/o/n/.htaccess directly. (A stock Apache configuration refuses to serve any file whose name starts with ".ht"; being able to download this one at all is part of the misconfiguration.) Inside you'll see this interesting instruction:
IndexIgnore DaAnswer.* .htaccess

This tells the web server to leave anything matching those two patterns out of the automatically generated directory listing. It hides the names, nothing more: it does not deny a direct request for them. So now we know that our password is in the "DaAnswer" file, and when you open it you get something like

The answer is easy! Just look a little harder.

You have to take it literally, because in this case the answer is "easy" (without the quotes). Now go back to index.php, submit your answer and the "go on" link will appear. You have completed the 11th basic mission.
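As an added example (this is not part of the original post or of the HackThisSite mission files), the following Python reproduces what IndexIgnore does and does not do: it parses the directive out of an .htaccess, computes which names an Apache auto-generated listing would omit, and then shows that the omitted files are still readable by a direct request. Only the IndexIgnore line is taken from the page; the other .htaccess lines, the file names and the song files are constructed for the demo, and Python's fnmatch stands in for Apache's shell-style wildcard matching (which is why the constructed secret is named DaAnswer.txt: the pattern "DaAnswer.*" needs a literal dot).

```python
import fnmatch
import os
import tempfile

# Constructed .htaccess modelled on the one quoted in the post. The IndexIgnore
# line is the page's; the comment and the two allow/deny lines are assumptions.
# IndexIgnore only tells mod_autoindex what to leave out of a generated listing.
SAMPLE_HTACCESS = """\
# hide the answer from the auto-generated index
IndexIgnore DaAnswer.* .htaccess
order allow,deny
allow from all
"""

# Constructed directory contents (not the real mission files).
SAMPLE_FILES = {
    ".htaccess": SAMPLE_HTACCESS,
    "DaAnswer.txt": "The answer is easy! Just look a little harder.\n",
    "Rocket_Man.mp3": "",
    "Tiny_Dancer.mp3": "",
}


def parse_index_ignore(htaccess_text):
    """Return every pattern given to IndexIgnore directives.

    Apache directive names are case-insensitive and '#' starts a comment.
    """
    patterns = []
    for raw in htaccess_text.splitlines():
        parts = raw.split("#", 1)[0].split()
        if parts and parts[0].lower() == "indexignore":
            patterns.extend(parts[1:])
    return patterns


def indexes_disabled(htaccess_text):
    """True if an Options directive switches listings off with -Indexes."""
    for raw in htaccess_text.splitlines():
        parts = raw.split("#", 1)[0].split()
        if parts and parts[0].lower() == "options":
            if any(p.lower() == "-indexes" for p in parts[1:]):
                return True
    return False


def split_listing(entries, patterns):
    """Split names into (shown, hidden) as mod_autoindex would render them.

    fnmatchcase approximates Apache's shell-style wildcard matching.
    """
    shown, hidden = [], []
    for name in sorted(entries):
        if any(fnmatch.fnmatchcase(name, pat) for pat in patterns):
            hidden.append(name)
        else:
            shown.append(name)
    return shown, hidden


def letter_path(word):
    """'elton' -> 'e/l/t/o/n', the one-letter-per-directory layout of the mission."""
    return "/".join(word.lower())


def demo(files=SAMPLE_FILES):
    """Build the directory on disk and show what IndexIgnore hides and what it does not protect."""
    with tempfile.TemporaryDirectory() as root:
        target = os.path.join(root, *letter_path("elton").split("/"))
        os.makedirs(target)
        for name, body in files.items():
            with open(os.path.join(target, name), "w") as fh:
                fh.write(body)

        htaccess = files[".htaccess"]
        patterns = parse_index_ignore(htaccess)
        shown, hidden = split_listing(os.listdir(target), patterns)

        # The listing omits these names, but a request for the exact name still
        # reaches the file: nothing in IndexIgnore denies access.
        readable = {}
        for name in hidden:
            with open(os.path.join(target, name)) as fh:
                readable[name] = fh.read()

        return {
            "patterns": patterns,
            "shown": shown,
            "hidden": hidden,
            "readable": readable,
            "listing_off": indexes_disabled(htaccess),
        }


if __name__ == "__main__":
    result = demo()
    print("listing shows :", result["shown"])
    print("listing hides :", result["hidden"])
    print("still readable:", sorted(result["readable"]))
    print("Options -Indexes present:", result["listing_off"])
```

The check worth taking away: hiding a name from the index is not access control. The fix on a real server is to turn the listing off (Options -Indexes) and to keep the server-wide rule that denies requests for ".ht*" files, rather than relying on IndexIgnore to keep a secret.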

14 comments:

  1. I don't understand what you are talking about here. Can you tell me, and don't take me for crazy or anything like that!!!!!

  2. Got it, thanks. /e/l/t/o/n didn't even pass through my mind... *sighs*

  3. You are a fat spoiler, dude, at least give people some space to use their brains!

  4. Well ... I can't access the .htaccess file. I do type http://www.hackthissite.org/missions/basic/11/e/l/t/o/n/.htaccess in the address bar, but I get an empty page >.<

  5. Yes, and this is what you should normally get:

    IndexIgnore DaAnswer.* .htaccess

    order allow,deny
    allow from all

  6. How do you go about finding the .htaccess in the first place? I'm trying to learn from this, not just take an answer and run. So even once you're in the http://www.hackthissite.org/missions/basic/11/e/l/t/o/n/ directory, how do you find a hidden file? There is nowhere for commands and the source code doesn't have it either.

  7. You need to update your file; the new answer for this site is "right here" (no quotes, space included).

  8. It is currently "somewhere close"

  9. I don't understand how you're supposed to open the DaAnswer.* file... Is it in the e/l/t/o/n/ directory or in the basic/11/ directory? And what extension do I use? I've tried .php, .html, .htm, .pl and a few others, but I always get a "page not found" error.

  10. miles cribbs, the file name doesn't include ".*"

    You just go to e/l/t/o/n/DaAnswer

  11. Google is your friend :)

    site:http://www.hackthissite.org/missions/basic/11/

    Search and click

    If you like, you can repeat the search with the omitted results included.

  12. Michal> That's an interesting method you propose. At least it quickly helps.

    I was wondering if there was a way to detect which folder the .htaccess is in, or if we could just guess?

  13. Thanks a ton. I am glad I read this as I realize now I would have never guessed e/l/t/o/n after all of my million attempts.
