HackThisSite Realistic Mission 15
--
While the difficulty level is called insane on this mission, I actually had more fun doing this mission than the others. I will say the missions do help build the skills, but overall I’ve been writing software nearly every day since I turned 19. So I knew what things to Google and always interested about learning new languages.
Problem
Alright upgrading from hacking a search engine company to a weapons manufacture to find information about patents. So my initial thought is some kind of admin privilege is required to see work in progress type information on this page.
This mission is super long, so I don’t have a hint that covers everything, however you should know C is one of the few programming languages that require users to manage memory.
Solution
Alright so this one took me a bit of searching around as it isn’t immediately obvious that anything is unique/off about this website. However the one thing I did notice is the two forms you can send on the Questions page and Job application page didn’t require any input.
This is a good learning lesson that Inspect Element on every singe detail of a page, because after submitting the jobs application you’ll find someone used a different directory for images, then the other pages have been using.
So if we go into the URL and append “_backups_” we finally find an interesting clue.
Note: I found something else interesting too as a piece of information, if you click on the earth image on the top left then inspect element you’ll find this snippet:
After downloading the backup ZIP folder you’ll learn quickly that it has been password protected. The ZIP folder you can preview the filenames and it looks pretty important, my guess is this is some sort of backup copy of an older version of the website. I’m guessing the quote “…locks the front door twice, but leaves the backdoor open” means the…
