What is it? @.@

Here is the place where I record some tactics about wargame, systems, and other security issues.

2012-09-25

Hack This Site! - Application 1

Description:

Application Challenges

Welcome to Hack This Site application challenges! In this variety of hacking challenges, you are given an application with an objective and you are expected to manipulate the operating system, the executable, or through other means to complete the level. Each challenge operates in a different way and will require different methods to go about completing the level.

Upon completion, the challenge will give you a password for you to enter on the website. This will update your HTS account, demonstrating that you have actually completed the level.

All application challenges can be beaten without brute-forcing. We encourage you to try what you like on the programs but please do NOT brute-force the website.

These levels are available for Windows(9X/ME/NT/2000/XP) and Macintosh(Mac OS X, Mac OS classic with carbon) systems only. If anyone is interested in developing *nix versions of these application challenges, please contact us - basic socket programming experience is necessary.

Level 1
Application Challenge 1
Find the password (easy)
app1win.zip   app1mac.sit   (unix)
Enter password:
_____________
|_____________|
level up!
Solution:
  1. First, you need to download one of the three files from HTS website depending on your OS. I chose the windows one.
  2. After unzip the archive, you'll get an executable file named 'app1win.exe'. Execute it, and it requires you to enter a serial number for verifying the software license.
  3. Use a hex editor to open the executable file. I use 010 Editor to do so.
    Reference: http://www.sweetscape.com/010editor/
  4. Then, from the raw string inside the file, you could find the serial numbers. Just copy it and enter the SN. It'll show you the password like below.
    Contratulations! The password to this level is 'smashthestate'
  5. Congratulations, you have successfully completed application 1!