Nouf

Level 2

Challenge:

Message: I have been informed that you have quite admirable hacking skills. Well, this racist hate group is using their website to organize a mass gathering of ignorant racist bastards. We cannot allow such bigoted aggression to happen. If you can gain access to their administrator page and post messages to their main page, we would be eternally grateful.

Solution:

nothing is attracted in the page, so I went to the source code and found update.php and it was a login page

I do not have any credentials so SQL Injection came to my mind, and bingo it is vulnerable

--

--

Level 1

Challenge:

Message: Hey man, I need a big favour from you. Remember that website I showed you once before? Uncle Arnold’s Band Review Page? Well, a long time ago I made a $500 bet with a friend that my band would be at the top of the list…

--

--

Level 11

Challenge:

Sam decided to make a music site. Unfortunately he does not understand Apache. This mission is a bit harder than the other basics.

Solution:

Started by using dirb

By visiting index.php, an input field is there! visiting the rest of the directories, I got a good start on /e directory

I got 1,t,o and the last one was n, I accessed all of these and there was not any protection!

--

--

Nouf

Nouf

PenTester & Challenges Solver