HellBoundHackers, or simply HBH, is a very famous and well-known security challenge based website. It contains challenges from several different cybersecurity fields.
I’ve decided to have a bit of fun and try to solve every single challenge presented, from the easiest to the hardest. (although easy and hard will be different depending on your skillset and field of expertise).
As I do with any challenge website, I WILL NEVER post the flag in cleartext, as it kills the fun and thrill of finding it, however I will post my way (or ways) of getting there. This is done in respect of the website’s security and non-disclosure policy, even when it doesn’t have one ;).
Web Hacking Challenge 2
Since we are not idiots anymore (please check my previous post called “HellBoundHackers Basic Web Hacking Challenge 1“) we can move on to the second challenge. This time the author does provide us with a bit of information:
My friend Drake has begin to program in HTML and he made this IFRAME, but the host of the website has kicked him out, and he doesnt remember where is this IFRAME reading it from.
We are also presented again with an input field and submit button next to a text saying:
Welcome to my first IFRAME page
Time for iframe hunting! After using our beloved Google Chrome Developer Tools again (a.k.a. F12) to check the code for the term “IFRAME“, it can be found very easily:

There we have it, simply put the whole IFRAME URL in the input field and click submit. See you on the next challenge!