Please ask questions ONLY in this topic.

[-Ninjex-]

I completed this mission, but maybe by luck, if you count educated guesses as luck. So I have a question:

How do you know that directory traversal is the key? I could not find any evidence that anything is stored in different directories at all.

You don't really know that it is key! Just like you wouldn't know if a web-site filters SQLi, or XSS... You test it out, and if it works, you know it is vulnerable to such attacks, and if it fails, you know it is not vulnerable to those attacks. The first page was overwritten by another index file tells you that the user was able to upload his index page, and replace the actual index file, on the site. With that information, you know that there should be a way to upload a new index file onto the site. The obvious attack choice is directory traversal attack when you see there is a upload form.

[corbonium]

The first page was overwritten by another index file tells you that the user was able to upload his index page, and replace the actual index file, on the site. With that information, you know that there should be a way to upload a new index file onto the site. The obvious attack choice is directory traversal attack when you see there is a upload form.

the upload form was indeed the dead giveaway for me, but it did not cross my mind that I should be trying to duplicate the loophole the original hacker exploited. Thinking about it, it now becomes clear as to the reason why both index pages are all in 1 line. It is not to make your life a pain in the ass, and it is not because the original author and the hacker like to write things all on 1 line. it is to do you a favor by giving you a realistic hint to the solution the hacker used. And I give back this knowledge as a hint to those who come after me.

I'm reading that people are stumped or it took them 5 days to complete this mission.. i managed it in about 1 hour... does that mean I'm getting better at this?

[digitalsuicide]

This is glaringly simple, took a while to figure it out, I actually tried the solution the first time but missed out the traversal thinking everything was rooted... doi!

Question is, I never managed to actually list the directory content, is this possible?

[RedPotion]

Are the poems stored in http://www.hackthissite.org/missions/realistic/3/ or are they stored in http://www.hackthissite.org/missions/realistic/3/[SUBDIRECTORY]

I'm trying to understand why something worked and something else I tired originally didn't.

Thanks

[Snipeon]

damn, took me long enough for this. i was on the right track with the i****.***l, but i kept ignoring the source hints. finally got it, source people, source...

[impulse_x]

I don't need to e-mail the poetry guy right? That's just something to make the story interesting?

If so, and I get the "Go On" page, that means I've solved it?

[limdis]

I don't need to e-mail the poetry guy right? That's just something to make the story interesting?
If so, and I get the "Go On" page, that means I've solved it?

For our own security we only simulate these exploits. You aren't actually 'performing' anything. If you get prompted by the "Go On" icon then yes you have just executed the necessary action that in the specific scenario would complete the end goal.

[N3nvy]

I was all confused with the commands but they are not necessary, use the simple information and try and see what works and where you may be able to submit information.
Don't skip over information, everything is there for a reason and is usually important to the mission.

[amp1776]

Very important that the basic missions have been worked through first..

[Miryafa]

I happy that I finished this mission too, with help.

If anyone's stuck at the same place I was, my hints to you are:
1. don't mess with the url bar; post is not vulnerable the same way as get
2. after checking wikipedia's page try typing exactly what it has
3. only one of the boxes is vulnerable

Naturally, mods please edit if needed.