Main:
This is an article to help you pass the basic levels..There are no spoilers just a few hints..Enjoy!
Basic 18-27(-24)(spoiler free)
____Basic 18____
Ok you read the description but what the hell is blind something well it's got the letters that is an abbreviation of something;)
So what you need to do now is read up on Blind *** and try and see if you can use it to your advantage.I would start by reading:
http://www.hellboundhackers.org/articles/345-blind-sql-injection.html
Then reading:
http://www.hellboundhackers.org/forum/viewthread.php?forum_id=7&thread_id=12870#110991
to push you in the right direction
____Basic 19____
Well he know it's something to do with the header so read up on it google it etc. and go to:
http://web-sniffer.net/
And find out what the password is!But it's encrypted:0 How do we know what type of encryption it is???:(
OH!Look the site has told us find a decryption tool for that encryption decrypt it and there's your answer!
My personal favorite is:
http://www.senses0.org.mv/popzees/rot/rotn.php
____Basic 20____
Well it says who you can login as so why don't you!
Great now you should see a message saying logged in as fire.But we don't want to be fire.WHO do we want to be??That didn't work:(I know lets try a type of injection in the login page.That didn't work.Mabey we should mix the two together;)
____Basic 21____
This is a challenge that stumps almost everyone.Here is my advice to complete the challenge:
read this PDF:
www.ngssoftware.com/papers/advanced_sql_injection.pdf
After you read it try and put what you've learnt into action.
HINT:Use the error message;)
____Basic 22____
Google up on Unix commands and use the one which will help you most.View the source to find a dir and use that dir in the command.Here's a little help:
http://www.indiana.edu/~uitspubs/b017/
Hint:You want to list the files in that directory;)
____Basic 23____
Alright well by looking at the description we know it's RFI.So if you don't know how to use it google!Right so let's look at the URL:
http://www.hellboundhackers.org/challenges/basic23/site/show.php?page=news
or
http://www.hellboundhackers.org/challenges/basic23/site/show.php?page=about
So putting the RFI into practice.
Hint:When you use the exploit you have do put in a particular site.
____Basic 24____
N/A
____Basic 25____
Here you have to obscure something that the actual HBH website owns;)After you get that thing change it to decimals and you have it!
____Basic 26____
Alright so we are faced with XSS...or are we?..Read this:
http://www.hellboundhackers.org/articles/748-css-xss.html
Now you should have a general jist of what to do.So try it out.HUZZAH!!You got it.
____Basic 27____
Right well if you read the description it gives you a pretty big clue.So try to right something like 'hello' it comes out saying hello so you might think this is easy!I'll just write <script>alert(1)</script> unfortunately that's not the case.As you can see it takes away the script part so you're left with:
alert(1)
hmmm now try posting <
Yay that worked!So it filters the 'script'part of what you type so if you typed:
1script1
it would come out with 11.See where I'm going with this??Good!
Hope that helped!
Please rate.
SaMTHG
P.S Admins if you think my 'hints' are too much of a spoiler please edit them.Thanks
____Basic 18____
Ok you read the description but what the hell is blind something well it's got the letters that is an abbreviation of something;)
So what you need to do now is read up on Blind *** and try and see if you can use it to your advantage.I would start by reading:
http://www.hellboundhackers.org/articles/345-blind-sql-injection.html
Then reading:
http://www.hellboundhackers.org/forum/viewthread.php?forum_id=7&thread_id=12870#110991
to push you in the right direction
____Basic 19____
Well he know it's something to do with the header so read up on it google it etc. and go to:
http://web-sniffer.net/
And find out what the password is!But it's encrypted:0 How do we know what type of encryption it is???:(
OH!Look the site has told us find a decryption tool for that encryption decrypt it and there's your answer!
My personal favorite is:
http://www.senses0.org.mv/popzees/rot/rotn.php
____Basic 20____
Well it says who you can login as so why don't you!
Great now you should see a message saying logged in as fire.But we don't want to be fire.WHO do we want to be??That didn't work:(I know lets try a type of injection in the login page.That didn't work.Mabey we should mix the two together;)
____Basic 21____
This is a challenge that stumps almost everyone.Here is my advice to complete the challenge:
read this PDF:
www.ngssoftware.com/papers/advanced_sql_injection.pdf
After you read it try and put what you've learnt into action.
HINT:Use the error message;)
____Basic 22____
Google up on Unix commands and use the one which will help you most.View the source to find a dir and use that dir in the command.Here's a little help:
http://www.indiana.edu/~uitspubs/b017/
Hint:You want to list the files in that directory;)
____Basic 23____
Alright well by looking at the description we know it's RFI.So if you don't know how to use it google!Right so let's look at the URL:
http://www.hellboundhackers.org/challenges/basic23/site/show.php?page=news
or
http://www.hellboundhackers.org/challenges/basic23/site/show.php?page=about
So putting the RFI into practice.
Hint:When you use the exploit you have do put in a particular site.
____Basic 24____
N/A
____Basic 25____
Here you have to obscure something that the actual HBH website owns;)After you get that thing change it to decimals and you have it!
____Basic 26____
Alright so we are faced with XSS...or are we?..Read this:
http://www.hellboundhackers.org/articles/748-css-xss.html
Now you should have a general jist of what to do.So try it out.HUZZAH!!You got it.
____Basic 27____
Right well if you read the description it gives you a pretty big clue.So try to right something like 'hello' it comes out saying hello so you might think this is easy!I'll just write <script>alert(1)</script> unfortunately that's not the case.As you can see it takes away the script part so you're left with:
alert(1)
hmmm now try posting <
Yay that worked!So it filters the 'script'part of what you type so if you typed:
1script1
it would come out with 11.See where I'm going with this??Good!
Hope that helped!
Please rate.
SaMTHG
P.S Admins if you think my 'hints' are too much of a spoiler please edit them.Thanks
Posted by 
I know lets try a type of injection in the login page.That didn't work.Mabey we should mix the two together
