last mission was accomplished last week, now we have a new mission on Hackthissite. Today we have a mission to accomplish solvingHackThisSiterealistic 3 mission. It is a second mission of series of realistic simulation mission . they are designed as real world scenarios which you may encounter in the real world.
[adinserter name=”Display_ads”]
the third mission in a realistic simulation series mission is designed to be exactly like real world situation, which we may encounter in real world, in here we help a friend restore a website which is defaced about the poetry posting .
this time the request came for our skills comes from a poetry enthusiasts. so let’s check it
[adinserter name=”Display_AMP”]
[adinserter name=”In-article”]
when we click the link given in the message, we get to a defaced poetry website. so by exploring the source code , we find a comment of hackers
[adinserter name=”AMP”]
so let’s try first by trimming the URL and add oldindex.html to it. viola, we get to a old page. now if we put some logic in it, logic says to just go backwards. let’s just find the exploit which was used by hackers and just restore the page the same way, since the exploit existed in the old site.
when we explore the site, we find out that there is a submit poetry section a vulnerable piece of code that can paste over files on the server. this is because instead of automatically renaming files , lets pastes them directly over the old one. when we submit and confirm via naming index.html file and oldindex.html is added to page source to the comment, we deface the website to it’s original form.
[adinserter name=”Multiplex_ads”]
[adinserter name=”Multiplex_AMP”]
[…] Realistic 3 Posted in CTFs & Vulnerable Machines […]
[…] Also read : HackThisSite | realistic 3 | walkthrough […]