After the first few easy levels these missions tend to get really hard and good. In our last level we learned about steganography; you can read more about it on Wikipedia, it's always good to learn more.
Level 8 seems a bit difficult in the beginning, but you can always start with the basic steps and follow the further clues. If we check the source code for this mission, there is nothing much to find there except this.
<BODY BGCOLOR="ffffff" TEXT="000000" > <!-- YOU'RE LOOKING IN THE WRONG PLACE... GO BACK! -->
This doesn’t give much help either, but it does tell us that we need to look somewhere else. The second step you can take is to check how the form tag works. So just leave the username and password boxes empty, or type any random word, and press Log in.
If you do this you will be taken to a page named phat.php, saying "Authentication Failed. Try again." But if you check the source code for this page you will find your next clue.
<BODY BGCOLOR="ffffff" TEXT="000000" BG="images/phat.gif">
Another of those images, so let's just do some directory traversal and open the image. You will find that the image is all blank, with just a statement at the bottom-right corner saying Look for .PhotoShopDocument.
The .PhotoShopDocument (aka .PSD) is an extension for Photoshop images. But how and where do we find it? The first place you could look for that PSD image is the image directory. If you use directory traversal again and look into http://www.hackertest.net/images/, you won’t find the file, but it says Nice try 😉.
We don’t have any more clues, but one needs a kind of intuition to try changing the name of the file in the image directory from phat.gif to phat.psd. That’s what I did, as there was no other clue and I was supposed to look for a .PSD file.
So you have the file; just open it with Adobe Photoshop or some other Photoshop-compatible editor. In my case I used an online editor from Pixlr. When you open this image you see something like the image on the right. This image contains different layers with different content on them. All that is left to do is remove the layers one by one until the username and password start to appear.
If you don’t want to take the pain of installing all that software and figuring out the layers, the username is zadmin and the password stebbins.
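Seen from the site owner's side, the level works because phat.psd sat in a served directory next to phat.gif even though no page linked to it. The following is an added example, not part of the original walkthrough or the site's own code: it audits a web root for files that no page references but that share a directory and base name with a referenced asset. The directory layout is constructed, and the attribute list and PAGE_SUFFIXES are assumptions.

```python
import re
import tempfile
from pathlib import Path

# Attributes that can point at a served asset; BG is the non-standard one seen on phat.php.
REF_RE = re.compile(r'\b(?:src|href|background|bg)\s*=\s*["\']([^"\']+)["\']', re.I)
PAGE_SUFFIXES = {".php", ".html", ".htm"}  # assumption: which files count as pages


def referenced_assets(webroot: Path) -> set[Path]:
    """Collect every local file that some page under webroot links to."""
    refs = set()
    for page in webroot.rglob("*"):
        if page.is_file() and page.suffix.lower() in PAGE_SUFFIXES:
            for target in REF_RE.findall(page.read_text(errors="replace")):
                if "://" in target:  # skip absolute URLs to other hosts
                    continue
                candidate = (page.parent / target.split("?")[0]).resolve()
                if candidate.is_file():
                    refs.add(candidate)
    return refs


def unlinked_siblings(webroot: Path) -> list[str]:
    """Files nobody links to that share directory and base name with a linked asset."""
    webroot = webroot.resolve()
    refs = referenced_assets(webroot)
    stems = {(r.parent, r.stem) for r in refs}
    hits = []
    for f in webroot.rglob("*"):
        f = f.resolve()
        if f.is_file() and f not in refs and f.suffix.lower() not in PAGE_SUFFIXES:
            if (f.parent, f.stem) in stems:
                hits.append(f.relative_to(webroot).as_posix())
    return sorted(hits)


def build_sample(root: Path) -> Path:
    """Constructed layout mirroring the level: phat.php references images/phat.gif."""
    (root / "images").mkdir()
    (root / "phat.php").write_text('<BODY BGCOLOR="ffffff" BG="images/phat.gif">')
    for name in ("phat.gif", "phat.psd", "logo.gif"):
        (root / "images" / name).write_bytes(b"constructed sample")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(unlinked_siblings(build_sample(Path(tmp))))
```

Disabling the directory listing, as the images/ folder here does, does not protect such a file; it has to be removed from the served tree or denied by the server.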