dexter@aeron7.com

Directory Transversal Method

Reading the source code to a page is probably the first thing you should do just to get an idea of what the page is made of. After I read the source code I found this html comment:

“Note to the webmaster. This website has been hacked, but not totally destroyed. The old website is still up. I simply copied the old index.html file to oldindex.html and remade this one. Sorry about the inconvenience.”

at the bottom. That’s right the hacker was nice enough to tell us where he put the old site.

Since poems are saved and stored online we can assume that the hacker submitted the name of the poem to be:

../index.html

and the poem field is the code indicating the page has been hacked.

Why are we using “../” well if you remember in HTS Basic Level 9 directory transversal it means to go up one directory.

So what do we need to do…Well go to oldindex.html view the source and copy the code. Go to the submit page and in the “Name of the Poem” filed enter:
../index.html
and in the “Poem” field paste the source code and submit.

About the Author

Aloha, I'm Amit Ghosh, a web entrepreneur and avid blogger. Bitten by entrepreneurial bug, I got kicked out from college and ended up being millionaire and running a digital media company named Aeron7 headquartered at Lithuania.

Related Posts

Basic Mission 1   I can call you a pretty dumb as per you are now viewing the walkthrough for...

Basic Mission 2   I can again call you a pretty dumb as per you are now again viewing the walk...

Basic Mission 3   Have a look at the source code of that page and have you noticed the form section?...

Leave a Reply