SSI stands for server side includes. These are dynamic HTML commands executed by the server and not the browser. As the intro of the mission already pointed us to SSI this mission would be simple now.

The password is yet again hidden in an unknown file. Sam’s daughter has begun learning PHP, and has a small script to demonstrate her knowledge. Requirements: Knowledge of SSI (dynamic html executed by the server, rather than the browser).

Furthermore when we open the mission we see a story, somewhat like level7, the password being hidden in a file and we being provided with the file directory. All we are left to do is find the file name.

Continue reading “HACKTHISSITE.ORG | Basic 8: SSI”


Sam still believes saving the password in a file is still the best way to remember it and keep it secured, time to prove him wrong once again. As the description says the password is in the same directory(folder) as we are.

This time Network Security Sam has saved the unencrypted level7 password in an obscurely named file saved in this very directory.

The second line of the description tell us about one another news that came from Sam, about setting up an UNIX cal command script and with that we are provided with the script even.

Continue reading “HACKTHISSITE.ORG | Basic 7: Unix”

HACKTHISSITE.ORG | Basic 4: Changing the scripts

This time Sam hardcoded the password into the script. However, the password is long and complex, and Sam is often forgetful. So he wrote a script that would email his password to him automatically in case he forgot.

Now, as we see, Sam is quite forgetful, and he forgets his password all the time, so he wrote some script that would mail him the password. Lets begin with checking the source code as we always do.

Continue reading “HACKTHISSITE.ORG | Basic 4: Changing the scripts”

HACKTHISSITE.ORG | Basic 3: Deep into HTML

This level takes us little more deeper into HTML. Lessons learnt in previous levels should be remembered they can be useful any time.

This time Network Security Sam remembered to upload the password file, but there were deeper problems than that.

This time the password file is there, but with deeper problems. Lets just follow the simple steps we had learn in level 1 i.e. check out the source code.

Continue reading “HACKTHISSITE.ORG | Basic 3: Deep into HTML”