DefendTheWeb.net, previously called HackThis.co.uk, is a very famous and well-known interactive security platform where you can learn and challenge your skills.. It contains challenges from several different cybersecurity fields.
I’ve decided to have a bit of fun and try to solve every single challenge presented, from the easiest to the hardest. (although easy and hard will be different depending on your skillset and field of expertise).
As I do with any challenge website, I WILL NEVER post the flag in cleartext, as it kills the fun and thrill of finding it, however I will post my way (or ways) of getting there. This is done in respect of the website’s security and non-disclosure policy, even when it doesn’t have one ;).
Challenge Intro 1
This challenge is rated as Bronze difficulty, which should be easy to solve. The author provides us with just simple instructions:
These playground levels are designed to challenge yourself and seek out the correct information to pass on to the next level. This is the first level so don’t expect anything to complicated. It is just a gauge of simple understanding and a gentle push in the right direction. You will need to find the login details for the form shown below. These are not your Defend the Web login details! Start poking around and see what you can uncover!
The page also contains two fields, respectively Username and Password, and the password field already contains something in there. As there is no other hint let’s inspect the code with our beloved Google Chrome Dev Tools (F12) and see what we can find. Let’s jump right into the Password section and move the input field type from Password to text. This will take all the DOTS from the password leaving us with the cleartext password. (It is the last line in this picture)
Now that we know the password but not the username, let’s poke around to see if we can find any other information that would lead us to the username. When looking for HTML comments “<!–” there is a clera line saying what is the user and password, so it looks like the one we found was a troll ;).
There we have it, I hope you like this one. See ya on the next challenge!
