HackThisSite Basic Challenge 4

How to Solve Basic Mission Number Four on Hack This Site

Introduction to the Challenge

• Malik introduces the fourth basic mission of Hack This Site, emphasizing familiarity with HTML coding and directory traversal from previous missions.

• He notes that there are multiple ways to solve this mission, but he will demonstrate his approach.

Requirements for the Mission

• The challenge requires knowledge of HTML and the specific email address used for setting up a Hack This Site profile. Users can change their email in settings if needed.

• Malik explains that Sam, a character in the scenario, has hardcoded his password into a script that sends it via email when a button is clicked.

Modifying the Script

• The goal is to modify the script so that it sends the password to your own email instead of Sam's.

• Malik recommends using Firebug for inspecting elements on web pages, which allows users to view and temporarily change HTML code.

Steps to Complete the Mission

• View and inspect elements using Firebug or similar tools. Identify what needs changing in order to receive an email with the password.

• Malik demonstrates how to right-click on the button and use "Inspect Element" to find relevant code snippets related to sending emails.

Executing Changes

• He shows how to change Sam's email address in the input field by double-clicking it and replacing it with your own (e.g., malikme.com).

• After modifying the input field, he clicks on "send password" and confirms successful submission.

Conclusion of Task

• Malik checks his junk folder for an email containing the password after successfully completing all steps.

Understanding Client-Side Code Submission

Overview of Mission Number Five

• The speaker discusses modifying client-side code to change the submission target from Sam to themselves, indicating a successful retrieval of the password.

• This mission is described as more complex than previous challenges, introducing additional security measures that require deeper knowledge.

Required Skills and Tools

• Emphasis is placed on the necessity of understanding HTML and JavaScript for this mission, highlighting an increase in complexity.

• The mention of needing an email address suggests that participants will be engaging with web technologies that involve user authentication or communication.

Technical Challenges Ahead

• The speaker notes the need for familiarity with tools like Firebug JS, indicating that debugging and manipulation of JavaScript will be essential.