Click here: LEVEL 3
A reminder: this post contains SPOILERS!
I RECOMMEND solving the level on your own, using Google to read up on the theory behind each topic.
First of all, we view the source of the page.
We note that near the bottom of the page, in the last rows, there is a comment that contains:
https://www.hackthissite.org/missions/realistic/3/oldindex.html
and this link leads us to the old index page of Peace Poetry.
Then we click on "Submit Poetry", which takes us to
https://www.hackthissite.org/missions/realistic/3/submitpoems.php
The submission form for new poems doesn't check entries. It is easy to
erase the content of the entire website using this vulnerability!
So, if you simply type in the name of your poem, it will be saved in the
current directory. You need to submit the source of oldindex.html as
index.html, and in the correct place. For that you need to go up one
directory. This is accomplished by '../', which is prefixed to the name
of our file, 'index.html'.
We can overwrite index.html with oldindex.html because the site, instead of automatically renaming a file whose name is already taken, writes the new file directly over the old one.
So, in the "Name of poem" field, we type
../index.html
and in the "Poem" field we paste the source code of the oldindex.html page.
Then, we click on ADD POEM!
Remember that:
The Unix path component ../ refers to the parent directory (basically, back up a directory), so adding ../index.html tells the server to back up a directory and save the file as index.html.
Since we added the source code of the young lady's site as the content of the file (the poem), it overwrites the propaganda site (at index.html) with the young lady's "Peace Poetry" site, thus reinstating HER site as the main index.html page, NOT the hacker's.
That is also how the hacker "hacked" his own propaganda site in the first place!
She should really make sure her server sanitizes requests!
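An added example (not from the original post or from HackThisSite): a Python sketch of the file-name check the poem handler is missing, shown beside the unchecked behaviour the walkthrough describes. The mission's real PHP code is not shown on the page, so the function names, the `poems` directory and the sample files are assumptions constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

def save_poem_vulnerable(poems_dir, name, text):
    # Behaviour the walkthrough describes: the name is used unchecked and
    # an existing file is silently replaced.
    path = os.path.join(poems_dir, name)
    with open(path, "w", encoding="utf-8") as fh:
        fh.write(text)
    return path

def save_poem_hardened(poems_dir, name, text):
    # 1. Accept only a bare file name: no separators, no "." or "..", no NUL.
    if name in ("", ".", "..") or any(c in name for c in "/\\\0"):
        raise ValueError("rejected poem name: %r" % name)
    # 2. Defence in depth (e.g. a symlink): target must stay inside poems_dir.
    base = os.path.realpath(poems_dir)
    path = os.path.realpath(os.path.join(base, name))
    if os.path.commonpath([base, path]) != base:
        raise ValueError("rejected poem name: %r" % name)
    # 3. Mode "x" raises FileExistsError instead of overwriting.
    with open(path, "x", encoding="utf-8") as fh:
        fh.write(text)
    return path

def demo():
    """Exercise both handlers in a constructed, temporary web root."""
    with tempfile.TemporaryDirectory() as tmp:
        index = Path(tmp, "index.html")
        poems = Path(tmp, "poems")
        poems.mkdir()
        result = {"refused": []}
        index.write_text("original")
        save_poem_vulnerable(poems, "../index.html", "replaced")
        result["after_vulnerable"] = index.read_text()
        index.write_text("original")
        save_poem_hardened(poems, "peace.txt", "first")
        for name in ("../index.html", "..", "a/b.html", "peace.txt"):
            try:
                save_poem_hardened(poems, name, "replaced")
            except (ValueError, FileExistsError):
                result["refused"].append(name)
        result["after_hardened"] = index.read_text()
        result["poem"] = (poems / "peace.txt").read_text()
        return result

if __name__ == "__main__":
    print(demo())
```

The hardened handler closes both gaps the walkthrough relies on: the `../` prefix is refused, and a second poem with an existing name fails instead of replacing the first.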