The big lie of computer security is that security improves by imposing complex passwords on users. In real life, people write down anything they can't remember. Security is increased by designing for the way humans actually behave. -Jakob Nielsen
Hello, this is Monica, HackThisSite's Lead Moderator. Because I've been getting a lot of requests for Realistic 3, I thought I would write an article to contribute to the HTS community. This guide will help you understand how to complete the mission without major spoilers. I hope you will find the article useful. I also hope you will learn something new and feel a sense of accomplishment.
I run this website where people can read and submit peace-related poetry. I am doing this out of good will towards others, and I don't see why I would be making enemies out of this, but some real asshole hacked my website posting a bunch of ignorant aggressive propaganda on the front page. And I made that website a while ago, and I no longer have access to it. Do you think you can hack in and change it
back? Please? Oh, and bonus points if you message me the name of the bastard who did this!
[1.] Before you begin a HTS Realistic mission, the very first thing to do is to always read the messages carefully from our fellow friends who need our help. It will definitely help you to keep in mind on what you really NEED to do to complete a mission. It may also provide useful information and/or hints. Sometimes, it is easy to get off track, so taking notes is suggested.
[2.] Assuming that you know HTML, you should know that HTML is language used to create and display web pages with a web browser. In fact, look at the content carefully and thoroughly. Try to understand how the site works; see how it is coded.
[3.] What did you find? Remember, the site is hacked. If you have found the original site, you should look around and see what else you can find. Remember what your goal is? PeacePoetry wants you to restore her site. How would we do that?
:: Let's say that you have just created a webpage using basic HTML only for displaying purposes, like text and images. You then decided that you'd like feedback from visitors on your site which does NOT include e-mailing you directly. Can you think of an easier and faster method that will allow a user to submit information such as a user's name along with a comment?
[4.] If you have not figured it out, think about the original site. Figure out how it was hacked in the first place using the information provided in this article.
:: We all want submission of any information to be safe and secure, and there are many different methods of sending/receiving information.
::** Examples: Shopping online, subscription to a newsletter, or registering a userID on HackThisSite! Think about HOW you registered your HTS username. Registering the username would require a password and an e-mail, which means that the submitted data is stored.
[5.] Hopefully you now understand how submitted information works. (A bit anyway.) =P The question is - WHAT is the information that we need to submit? Remember, you are restoring the original site, which would replace the hacked site.
** If you are stuck:
Perhaps, you can duplicate it.
[6.] This is now the time to use Directory Traversal. It is an attack to manipulate and/or gain access to restricted files. For more information, MAKE GOOGLE YOUR BEST FRIEND! The most important part is submitting the information to the correct areas.
** If you are stuck:
Think about Basic 8 & 9.
Congratulations! You have completed Realistic Mission 3.
:: Vote for my article on a scale of 1-10, with 1 being horrible and 10 being awesomeness. Feel free to comment! Future article requests are also welcome! ::