LEVEL 11 PHP sourcecode: <? $defaultdata = array( "showpassword"=>"no", "bgcolor"=>"#ffffff"); function xor_encrypt($in) { $key = '<censored>'; $text = $in; $outText...

LEVEL 0 The password for the next level is embedded in the HTML source code as a comment. <!–The password for natas1 is gtVrDuiDfck831PqWsLEZy5gyDz1clto –>   LEVEL 1 You can find the ...

Recon This site is a basic e-commerce site with just a few products filled in as examples. Magento is the platform and it’s very well-known. Port Scan NMAP doesn’t show anything out of the ord...

Recon: The website isn’t bare, but most of the links found don’t actually go anywhere. The only page with anything really going on is ‘Rooms’, where you’ll find the links to the rooms are PHP re...

Recon Port scan Jumping into this box with a basic NMAP scan shows us a couple of interesting things. First, the SSH server, but that’s pretty normal for HTB boxes. I tried to log into it with ...