Hack This Site | Info,Walkthrough and Review
Hack This Site | Info, Walkthrough, and Review
HackThisSite.org, normally alluded to as HTS, is an internet hacking and security site established by Jeremy Hammond. The site is kept up by individuals from the network after his departure.
It intends to furnish clients with an approach to learn and rehearse essential and progressed "hacking" aptitudes through a progression of difficulties in a protected and legitimate condition.
So without wasting time, we are going to dive into Hackthissite.org
The first thing you need to do is register to site. simple and easy.
Few features of HTS :
1) Provide real-time hacking scenarios.
2) many articles and feeds on recent technologies, Programming languages, exploits & tutorials.
3) an excellent forum consisting of topics starting from basic to most sophisticated stuff you'll find on the web. Some of the various topics would be Cryptography, Mathematics, Design, Human psychology and far more.
4) Great collection of warez that would be used for private and hosted challenges.
5) Hackthisite IRC, Where you'll meet a number of the foremost talented people on the web.
6) Last but not the least -> Basic challenges, Realistic challenges, JavaScript challenges & all the others which are the base of HTS and keeping it interesting since 2005.
1) Provide real-time hacking scenarios.
2) many articles and feeds on recent technologies, Programming languages, exploits & tutorials.
3) an excellent forum consisting of topics starting from basic to most sophisticated stuff you'll find on the web. Some of the various topics would be Cryptography, Mathematics, Design, Human psychology and far more.
4) Great collection of warez that would be used for private and hosted challenges.
5) Hackthisite IRC, Where you'll meet a number of the foremost talented people on the web.
6) Last but not the least -> Basic challenges, Realistic challenges, JavaScript challenges & all the others which are the base of HTS and keeping it interesting since 2005.
list of challenges we have here...
here we are going to solve some challenges for better understanding and Fun.
 |
| Hackthissite Challenges |
here we are going to solve some challenges for better understanding and Fun.
Hack This Site Basic mission 1
In this simple challenge, our skill of HTML is going to be useful just Inspect that page and find login form you can see there password
 |
| Hack This Site Basic mission 1 |
as you can see the password is saved in HTML in there.. easy right..!!
but after every challenge difficulty level increases and become harder to complete challenges
moving on to next challenge
Hack This Site Basic mission 2
This challenge really require some thinking and common sense
so there is no password file uploaded to check where it is right password or not so any password you will enter give you an incorrect password..
but the catch is if we submit a blank password it will not check up and confirm it directly..
Just submit a blank field and it will show congrats you completed challenge..
This time password file is present there we just need to find it. in order to do that we need to inspect the site and find that password file..
after searching for some time I find that file password.php in there..
but after every challenge difficulty level increases and become harder to complete challenges
moving on to next challenge
Hack This Site Basic mission 2
 |
| Hack This Site Basic mission 2 |
This challenge really require some thinking and common sense
so there is no password file uploaded to check where it is right password or not so any password you will enter give you an incorrect password..
but the catch is if we submit a blank password it will not check up and confirm it directly..
Just submit a blank field and it will show congrats you completed challenge..
Hack this Site Basic mission 3
 |
| Hack this Site Basic mission 3 |
This time password file is present there we just need to find it. in order to do that we need to inspect the site and find that password file..
 |
| Hackthissite basic mission 3 |
after searching for some time I find that file password.php in there..
we just need to open that file adding it to the URL..
 |
| Hackthissite basic mission 3 password.php |
as you can see after hitting enter password is directly shown in there just need to copy it and paste it in the password field and hit submit.. and we passed another challenge..
Hack this site basic mission 4
 |
Hack this site basic mission 4 |
This time our developer sam made a script to send him password via email
we need to find his email address first in order to do so inspect an element and find an email address in HTML tags..
 |
| Hack this site basic challenge 4 |
after inspecting HTML I found the email address of sam which is sam@hackthissite.org
just need to change this email address with our email address so that the script will send a password to our email address..
now click on that script named to send the password to sam and this page will appear
 |
| Hack this site basic challenge 4 |
and password will be sent to the email we changed simply open that email copy password and paste it in password field hit submit.. and we passed another challenge..
These are some of the basic challenges I wanted to show you there are more to play with.. try to solve those challenges with your own smile will spread on your face after every challenge you passed..
go ahead and take challenges..
Realistic Challenges
Now we are going to see some Realistic challenges which are really fun to solve and test your hacking skills ..
there are lots of challenges out there but I will show you my favorite 2 challenges
without wasting time let's get into it..
Hack this site realistic mission 2
first of all, don't get offended because of this challenge it's just a demo site nothing represent here USA or Iran..
here we can see that the poem site is still running in the background..
 |
| Hack this site realistic mission 2 |
first of all, don't get offended because of this challenge it's just a demo site nothing represent here USA or Iran..
our goal here is to take down this site..
first, we need to inspect the site to find any useful information to escalate it further..
after inspecting it I found one juicy file which is update.php
by adding update.php in URL I found very interesting page there...
after playing with it I got payload ' or 1=1-- which is worked perfectly and we got admin access
hence we completed the challenge...
Hack This Site Realistic mission 3
This realistic challenge, we need to recover a poem site that is defaced by some bad hackers.
after inspecting that hacked page I found out that green HTML text over there..
 |
| Hack this site realistic mission 2 page |
by adding update.php in URL I found very interesting page there...
yesss.. we found the login page but in order to gain access to the login page need to find the username and password.. right.?
we can hack this login page with an old-school manual SQL Injection attack..
to check SQL error need to find the perfect payload..
after some trial and error, I found that the login page giving error on some post based union queries like
1=1--
 |
| Hack this site realistic mission 2 login page |
after playing with it I got payload ' or 1=1-- which is worked perfectly and we got admin access
hence we completed the challenge...
Hack This Site Realistic mission 3
 |
| Hack This Site Realistic mission 3 |
This realistic challenge, we need to recover a poem site that is defaced by some bad hackers.
after opening defaces site we need to Inspect it.
 |
| Hack This Site Realistic mission 3 Hacked page |
after inspecting that hacked page I found out that green HTML text over there..
which suggests the old site is still up there and backed up at oldindex.html
so we need to find it first
in order to do that type oldindex.html at the end of the URL and hit enter..
 |
| Hack This Site Realistic mission 3 oldindex.html |
now we need to post this page in index.html by submitting this page's source code..
but catch here We must use our previous path traversal knowledge to place the file in the correct directory.
here at the name of a poem we need to add directory which is ../index.html
which means we need to submit it on one directory up to show correctly on the index page..
in order to do that first copy the source code of the poem site and click on submit a poem
 |
| Hack This Site Realistic mission 3 |
here at the name of a poem we need to add directory which is ../index.html
and paste source code in the poem box and add poem..
after this poem will be added on index.hml which is a home page and the defaced page gets removed automatically...
hence challenge completed= respect+
I had too much fun solving realistic challenge.. must try..
Conclusion- Hackthissite.org is open for all. here all types of challenges you can see. I have shown you some of them but you should try other challenges on your own.
it has many challenges for beginners to advance hackers where you can test your caliber.
I will give you my example...
I am a penetration testing and ethical hacking expert but don't know more about forensics in hack this site I tried to solve forensic challenges and now I am a forensic expert too.. ;)
The moral of the story is it will really help you to gain and polish hacking skills...
so go and check it out..
happy hacking...
