
Archive for November, 2006

Cool italk phone spec.

November 30th, 2006


If this phone gets released I will be hard pressed not to buy one.

General

HackThisSite.org Basic Web Level 4

November 30th, 2006

In this level our background information is:

This time Sam hardcoded the password into the script. However, the password is long and complex, and Sam is often forgetful. So he wrote a script that would email his password to him automatically in case he forgot. Here is the script:

In this level Sam has made several changes to his login script. As the background says, he has now hardcoded the password in, but because it is long and complex he also wrote a script that emails the password to him. How are you going to exploit this script to get to the next level?

Hint: How can you change the email address in the script to your own? There are several ways to do it; which one will you find?

HackThisSite Levels, Hacking

Javascript Injection

November 28th, 2006

Javascript injection is a fun technique that allows you to change a website's content without leaving the site, reloading the page, or saving the site to your desktop. Javascript injection can be very useful when you need to change hidden data before you send it to the server. Let's start with some basic injection techniques.

Javascript Injection Basics

Javascript injections are run from the address bar of the browser. To start, remove everything from the address bar. That means delete the http:// and any website information in the address bar.

Javascript injection code is executed in the empty address bar using the javascript: protocol. In this tutorial we will go over the basics of javascript injection. If you are a Javascript expert this might be below you, but a refresher is always good.

The two most widely used injection commands are alert(); and void();. These commands will get you through most situations. For our first injection script we will open an alert box. Open the web browser of your choice and delete everything from the address bar. Go to any website you wish and type the following code in the empty address bar.

Code:  javascript: alert("You've been hacked");

What we have done is told the browser to show an alert box with some string text. Although very simple, this is a great little trick; you will see its power later in this post.

With the javascript: protocol you can run as many commands as you want. Enter the following code in your empty browser address bar to test more than one javascript injection command.

Code:  javascript: alert("You've"); alert("been"); alert("hacked");

In this code injection you will see three different alert windows pop up one after the other.

Cookie Hacking

Cookie hacking or editing can be very fun and can open a lot of doors. First we need to open a browser window and go to a site that uses cookies. Not sure whether the site uses cookies? Here is some code that will tell you. Type the following code in an empty address bar.

Code:  javascript: alert(document.cookie);

This code is very similar to the code we learned in the basics section. What it does is open an alert box that outputs the cookie file information for the current site. With this little piece of code you should start to see the power of the alert command.

Now that we have seen what data the cookie holds, let's change some things. On the site I used when I executed the code above I got "PHPSESSID=5b391ba8c4969af84eb426d469abba1". The following code is the code I used to change my cookie value. Depending on your cookie you may need to edit the code; otherwise the new value will just be appended to the end of the cookie.

Code:  javascript: void(document.cookie="PHPSESSID=hacked"); alert(document.cookie);

In the code above the PHPSESSID value is changed to hacked and then an alert box is output showing the change to the cookie.

Notice the void command after the javascript: declaration. void evaluates its argument and returns undefined, so the browser does not navigate away to a page showing the result. Cookie editing can open many doors; in the following example you will see how you could get into a website with poor authorization.

Let's say you find a site that has restricted access to several pages. You check the cookie from the site to see if it is doing anything. The cookie outputs this: loggedIn=no. If you change that value to yes you could get access to the restricted pages without logging in like a normal user. The following code changes the cookie value and displays the new value:

Code:  javascript: void(document.cookie="loggedIn=yes"); alert(document.cookie);

Form Hacking

Form hacking can be achieved several ways. A lot of the time you can save the webpage to your desktop and edit the HTML; once edited, you can submit the form from your desktop to the web server. Many web developers have wised up to this and have added checks to their code for this kind of submission. That is when javascript injection can come in very handy.

Let's start with a very common example. You find a website that has a form with hidden form elements. The website code looks something like the code below.

Code:  <form action="http://www.hackablesite.com/submit.php" method="post">
<input name="price" type="hidden" value="1000" />
<input type="submit" value="Buy" />
</form>

As you can see from the code above, we have an HTML form that posts data to submit.php on the hackablesite.com server. This form has a hidden price field. I don't know about you, but $1,000 seems like a lot of money. I am not greedy; I think $10 is a fair price. Below you will find the code I used to change this value. Enter the following code into your empty address bar.

Code:  javascript: void(document.forms[0].price.value = 10); alert(document.forms[0].price.value);

In the above code we use javascript to access the value of the hidden field and set it to 10. An alert box is then opened to confirm the value has been changed. This attack can be used on more than hidden fields; it works on select menus and any other form items.

That completes this post about javascript injection. As you can see, all kinds of fun things can be done with these techniques. Use your imagination, and with a little work you can test your site and keep it secure from malicious hackers.

Hacking

HackThisSite.org Basic Web Level 3

November 28th, 2006

In this level our background information is:

This time Network Security Sam remembered to upload the password file, but there were deeper problems than that.

In this level Sam has used the same script as level 2 but this time he uploaded the password file. He has made several mistakes that you can exploit to get to the next level.

Hint: Check the source code; look for the script that the form posts to, and for any other interesting items in the source.

HackThisSite Levels, Hacking

Bush’s Faith Based Firewall

November 23rd, 2006

Bush Proposes Faith-Based Firewalls for Government Computers

By Brian Briggs

Washington D.C.—President Bush announced that by 2008 all government computers should be protected from outside attacks by the faith-based firewall called Protection From Above (PFA) from Houston-based software developer Christisoft.

“For too long we have turned to proven software companies with expertise in computer security for protection, now our computers will be protected by the power of prayer at a much lower cost to taxpayers,” said Bush.

Estimates show the US government spent $1.2 billion dollars to secure their computer systems at various agencies, which many Republicans think is an indulgence the government can’t afford.

“With the faith-based firewall and other faith-based security software from Christisoft we could save billions over the next ten years. That’s money that can be returned to the most generous of taxpayers,” said the President.

Bush also cited doubts about the efficacy “of science-based computer security” though he didn’t use that word exactly.

The software requires no installation or maintenance fees, but only a onetime registration fee for unlimited computers.

Joel Osgood, founder of Christisoft, said, “With the one time registration fee, a company’s entire network of computers joins our network of computer security prayer specialists. The power of prayer can heal the soul and can also protect you from nasty denial of service attacks and viruses.”

Specialists in IT departments at various government agencies said they weren’t contacted by the White House for any feedback on the system and they believe the President’s decision would be “disastrous” for computer security.

Osgood refuted critics who said prayer can’t protect from cyberattacks by saying, “Computers are extremely complicated devices that mere humans couldn’t dream of understanding. It takes the power of God to do that.”

Any security breaches in the PFA software are countered by a double-prayer guarantee.

Osgood said Christisoft’s customer list includes a Fortune 500 company currently being delisted from the New York Stock Exchange.

Computers, Security

HackThisSite.org Basic Web Level 2

November 22nd, 2006

In this level our background information is:

Network Security Sam set up a password protection script. He made it load the real password from an unencrypted text file and compare it to the password the user enters. However, he neglected to upload the password file…

Sam has smartened up and removed the password from the comments like in level one. He has set up a new script that checks the user entered password with the one saved in a file. But like the background said he forgot to upload the password file.

Hint: What should you type in if you are checking something that does not exist?

HackThisSite Levels, Hacking

HackThisSite.org Basic Web Level 1

November 22nd, 2006

In this level our background information is:

This level is what we call "The Idiot Test"; if you can't complete it, don't give up on learning all you can, but don't go begging to someone else for the answer, that's one way to get yourself hated/made fun of. Enter the password and you can continue.

This is a very simple level it should take you all of 30 seconds to figure out.

Hint: Check the source code and look for comments.

HackThisSite Levels, Hacking

Secure your Gmail…

November 20th, 2006

insecure gmail login

If you're like me you love Gmail: the tagging, chatting, and of course the massive storage. But have you ever noticed that when you type www.gmail.com you get redirected to https://www.google.com/… Secure, right? Not totally. Once you log in you are redirected to http://mail.google.com/… which is insecure. Granted, if you are at home and your system is clean with nothing sniffing network traffic you are fine. But I want more security.

Secure gmail log in

To make your entire Gmail session secure, simply type https://www.gmail.com. This will redirect you to the same secure log in page as before, but once you log in it directs you to https://mail.google.com/… Your Gmail session is now secure and everything is on https.

Higher security by typing 8 more characters. It is worth it to me. Is it worth it to you?

Security

Hacking Websites…

November 17th, 2006

I found this fun hacker practice website the other day. It is a lot of fun to practice some basic hacks and learn some new things. Check it out http://www.hackthissite.org/

After I play with it a little more I will post some more information.

Hacking

Windows Solitaire Cheats

November 17th, 2006

Draw one card at a time on a three card game

In order to perform this simple cheat, hold [Ctrl] + [Alt] + [Shift] and click the card stack.

Automatically Win

To automatically win solitaire press [Shift] + [Alt] + 2. This will cause the cards to bounce around as if you won the game.

Automatically Move Cards

To quickly move cards up to the top four spots, right click one of the four spots at the top. Right clicking this way will quickly move all the cards that can be moved into that spot up to the top.

Get A High Score

Play the game as much as you want, then press [Shift] + [Alt] + 2 to force a winning game. If you play quickly your bonus points can be over 20,000 points. Click the mouse on the game to stop the card waterfall and on the "Deal Again?" dialog box click "No". Press [Shift] + [Alt] + 2 again. The bonus points will be added again to the score and the card waterfall will start again. If you keep pressing [Shift] + [Alt] + 2 the score goes as high as you want it.

Hacking