What is it? @.@

Here is the place where I record some tactics about wargame, systems, and other security issues.


Hack This Site! - Application 2


Application Challenges

Welcome to Hack This Site application challenges! In this variety of hacking challenges, you are given an application with an objective and you are expected to manipulate the operating system, the executable, or through other means to complete the level. Each challenge operates in a different way and will require different methods to go about completing the level.

Upon completion, the challenge will give you a password for you to enter on the website. This will update your HTS account, demonstrating that you have actually completed the level.

All application challenges can be beaten without brute-forcing. We encourage you to try what you like on the programs but please do NOT brute-force the website.

These levels are available for Windows(9X/ME/NT/2000/XP) and Macintosh(Mac OS X, Mac OS classic with carbon) systems only. If anyone is interested in developing *nix versions of these application challenges, please contact us - basic socket programming experience is necessary.

Level 2
Application Challenge 2
Find the Password. (easy)
app2win.zip   app2mac.sit
Enter password:
level up!
  1. At first, you need to download one of the files from the HTS website depending on your OS. I chose the Windows one.
  2. After unzip the archive, there's an executable file named 'app2win.exe'. Execute it, then it will require you to enter a serial number for verifying the software license.

  3. In additional, there's a hint for you : "Note: You must to be connected to the internet in order to authenticate your serial number.". You could input something, press the "Authenticate" button and sniff the network traffic in the meantime. After that, you'll find out there's a URL for authentication.

  4. Yes, here they are. The valid serial numbers are listed in the URL below.
    Reference: hxxp://www.hackthissite.org/missions/application/app2/keys123.txt
  5. Choose one of the serial numbers and authenticate it. Then, the application will show you the password like below.
    Congratulations! The password to this level is 'liberation'.
  6. Enter the password. Congratulations, you have successfully completed application 2!