This level takes us little more deeper into HTML. Lessons learnt in previous levels should be remembered they can be useful any time.
This time Network Security Sam remembered to upload the password file, but there were deeper problems than that.
This time the password file is there, but with deeper problems. Lets just follow the simple steps we had learn in level 1 i.e. check out the source code.
<form action=”/missions/basic/3/index.php” method=”post”>
<input type=”hidden” name=”file” value=”password.php” />
<input type=”password” name=”password” /><br /><br />
<input type=”submit” value=”submit” /></form>
The value attribute of input tag shows us a password.php value in it. All that is left to do is access this file through your web browser, by typing out the complete address in your browser’s navigation browser. If you are still wondering about the path of the file, try reading about URL’s , their types and there workings in order to work this out.
What did we learn?
Checking out the source code is still in priority. As well as the code in php files is hidden only till the code is inside the php tags, the code outside the php tags is still visible as a part of html or javascirpt code as used.