Please ask questions ONLY in this topic.

[-Ninjex-]

I completed this mission, but maybe by luck, if you count educated guesses as luck. So I have a question:

How do you know that directory traversal is the key? I could not find any evidence that anything is stored in different directories at all.

You don't really know that it is key! Just like you wouldn't know if a web-site filters SQLi, or XSS... You test it out, and if it works, you know it is vulnerable to such attacks, and if it fails, you know it is not vulnerable to those attacks. The first page was overwritten by another index file tells you that the user was able to upload his index page, and replace the actual index file, on the site. With that information, you know that there should be a way to upload a new index file onto the site. The obvious attack choice is directory traversal attack when you see there is a upload form.

[corbonium]

The first page was overwritten by another index file tells you that the user was able to upload his index page, and replace the actual index file, on the site. With that information, you know that there should be a way to upload a new index file onto the site. The obvious attack choice is directory traversal attack when you see there is a upload form.

the upload form was indeed the dead giveaway for me, but it did not cross my mind that I should be trying to duplicate the loophole the original hacker exploited. Thinking about it, it now becomes clear as to the reason why both index pages are all in 1 line. It is not to make your life a pain in the ass, and it is not because the original author and the hacker like to write things all on 1 line. it is to do you a favor by giving you a realistic hint to the solution the hacker used. And I give back this knowledge as a hint to those who come after me.

I'm reading that people are stumped or it took them 5 days to complete this mission.. i managed it in about 1 hour... does that mean I'm getting better at this?

[digitalsuicide]

This is glaringly simple, took a while to figure it out, I actually tried the solution the first time but missed out the traversal thinking everything was rooted... doi!

Question is, I never managed to actually list the directory content, is this possible?

[RedPotion]

Are the poems stored in http://www.hackthissite.org/missions/realistic/3/ or are they stored in http://www.hackthissite.org/missions/realistic/3/[SUBDIRECTORY]

I'm trying to understand why something worked and something else I tired originally didn't.

Thanks

[Snipeon]

damn, took me long enough for this. i was on the right track with the i****.***l, but i kept ignoring the source hints. finally got it, source people, source...

[impulse_x]

I don't need to e-mail the poetry guy right? That's just something to make the story interesting?

If so, and I get the "Go On" page, that means I've solved it?

[limdis]

I don't need to e-mail the poetry guy right? That's just something to make the story interesting?
If so, and I get the "Go On" page, that means I've solved it?

For our own security we only simulate these exploits. You aren't actually 'performing' anything. If you get prompted by the "Go On" icon then yes you have just executed the necessary action that in the specific scenario would complete the end goal.