I was not surprised when a person with minor or no knowledge in computing able to bot. I learn a lesson from a technician, Google is always your best friend. Yes, indeed that many of us make use of Google (or maybe any other search engine out there). Well, we could make use of the search engine to search for hack! Let’s go through a situation related to hacking.

Before you continue, please bear in mind that this article is for educational purposes and I held no liability over lost of anything, including the lost of fun in playing a facebook game. If you feel uneasy with this article, kindly leave this site.

Situation 1

I was tired of playing Facebook – Friends For Sale where I was too lazy to work my pets, but in the other way round I want to gain more cash. My brain was thinking how to find a way to automate the job?

I searched for “FFS autowork” in Google. It directs me to userscripts website where all scripts under Greasemonkey, a Firefox Plugin. Then, I just install the plugin and searched for the FFS Autowork Script. I found one script, FFS Cheater but it have some problem, the script is mad! It will work my pets non-stop neglecting the interval between jobs where it will generate errors, non-stop.

However, I was able to turn the verdict where I made some minor code changes to the javascript file. I changed the following: FFS.work(); changed to window.setTimeout(FFS.work, 7000); where I modify the execution of the script after every 7 seconds where it’s near to ideal time for interval between jobs.

Then, I work it with Greasemonkey. Presto!

I had uploaded the script here. You might want to test it out.

Oh wait! What is this situation related to title? Shouldn’t this article be named “FFS Bot by HeHeHunter”? Calm down… I am still writing Situation 2.

Note: In case you have anything to ask or I missed out something, feel free to comment below.

MISSION 4 METHOD IS NO LONGER WORKING!

Sam has gotten wise to all the people who wrote their own forms to get the password. Rather than actually learn the password, he decided to make his email program a little more secure.

If you plan to use the Mission 4 method, it won’t work… and you will get error. Darn… Are we gone? Apparently, no. Instead we have two methods to deal with this situation; the newbie method and the pro method. Pick one!

What You Need?

For the Newbies:

1. Basic HTML Knowledge to read the source.
2. Mozilla Firefox with Firebug Addon installed.
3. Your E-mail address.

For the Pros:

1. Basic HTML Knowledge to read the source.
2. Basic Javascript Knowledge. – javascript:alert()
3. Your E-mail address.

Let’s Start Hacking!

The source code is just like mission 4, but Sam changed his server side to read the referrer.

Why method in mission 4 doesn’t work? Because now Sam’s website detects the origination of the website. If you use mission 4 method, you will get an error because the source is not from his website! So, we have only one choice, edit from his website instead.

Newbies method:

If you installed firebug, learn to use firebug to change the e-mail address.

Pros method:

Use the following javascript to change your e-mail:

javascript:alert(document.forms[0].to.value)

Need me to say more?

Spoiler

I don’t recommend you to read further from here if you want to test out your skills/knowledge. However, if you wish to cheat yourself or you are really unable to solve this puzzle although I gave you the tips, go ahead.

To view the spoiler, highlight below (left click your mouse and drag around the below area):

Pro method: Paste this on your URL address bar:
javascript:alert( document.forms[0].to.value = "yourname@e-mail.com" )
and click Send Password to Sam.

Feel free to leave some comments.

FORGETFUL SAM

This time Sam hardcoded the password into the script. However, the password is long and complex, and Sam is often forgetful. So he wrote a script that would email his password to him automatically in case he forgot.

E-mail? Seriously? If you cannot remember the password, please use an easy to remember password.

What You Need?

1. Basic HTML Knowledge.
2. A Browser.
3. Notepad or Notepad++.
4. Your E-mail address.

Let’s Start Hacking!

The send e-mail button is there for a reason. Let’s read the source.

<form action="/missions/basic/4/level4.php" method="post">
<input type="hidden" name="to" value="webmaster@hulla-balloo.com" />
<input type="submit" value="Send password to Sam" /></form></center><br /><br /><center><b>Password:</b><br />
<form action="/missions/basic/4/index.php" method="post">
<input type="password" name="password" /><br /><br />
<input type="submit" value="submit" /></form>

Interesting. Now we know that the e-mail will be sent to “webmaster@hulla-balloo.com” whenever he forget the password. What are we going to do now? Hack his e-mail? Believe me, this would be the last thing you would want to do.

Now, what we can do is to save the webpage. How? Click File and Save Page As… Then you open the file with Notepad or Notepad++. Edit some fields and save it. Then open with your browser again.

Tips: You need to change two fields and not one.

Spoiler

I don’t recommend you to read further from here if you want to test out your skills/knowledge. However, if you wish to cheat yourself or you are really unable to solve this puzzle although I gave you the tips, go ahead.

To view the spoiler, highlight below (left click your mouse and drag around the below area):

Change /missions/basic/4/level4.php to http://www.hackthissite.org/missions/basic/4/level4.php This is because, if you did not change it, it will go to <the place you save the webpage>/missions/basic/4/level4.php instead of the website’s level4.php file.

I hope you learn about saving a webpage and HTML editing today. Feel free to leave some comments.

I UPLOADED THE PASSWORD!

This time Network Security Sam remembered to upload the password file, but there were deeper problems than that.

What You Need?

1. Basic HTML knowledge + learn to Read Source.
2. A Browser.

Let’s Start Hacking!

This time, he remembered to upload the password. Oh noes! We won’t be able to hack anymore!

WAIT! Not really…

Let’s view the source. If you do not know how to view source, please read Basic Mission 1.

Damn! There’s no <!-- Tags, and he remembered to upload password file. What can we do? View the source and we get some interesting stuff.

<form action="/missions/basic/3/index.php" method="post">
<input type="hidden" name="file" value="password.php" />
<input type="password" name="password" /><br /><br />
<input type="submit" value="submit" /></form>

What can you see? Okay, I’ll give you some tips. You need to change the URL at the address bar.

Spoiler

I don’t recommend you to read further from here if you want to test out your skills/knowledge. However, if you wish to cheat yourself or you are really unable to solve this puzzle although I gave you the tips, go ahead.

To view the spoiler, highlight below (left click your mouse and drag around the below area):

<input type="hidden" name="file" value="password.php" />

Now, go to the URL Bar and key in http://www.hackthissite.org/missions/basic/3/password.php

This will reveal the password. Simple explanation, whenever you key in a password and click submit, it will check password.php file either it’s the correct password or not. If you are getting the wrong password, it will say invalid password.

I hope you learn something about HTML today. Feel free to leave some comments.

COMMON SENSE

Network Security Sam set up a password protection script. He made it load the real password from an unencrypted text file and compare it to the password the user enters. However, he neglected to upload the password file…

What You Need?

1. Common sense. Durrr…
2. A Browser.

Let’s Start Hacking!

If you had passed Basic Mission 1, you might want to view the source for this. However, you couldn’t find any <!-- tags like previous mission. So, you are dumbfounded. You are so angry now, and tried to brute force the password with some characters and ended up getting incorrect password.

I am going to give you some tips, read the situation again. If you cannot get it, read and read and read. If you get the answer, congratulations!

Spoiler

I don’t recommend you to read further from here if you want to test out your skills/knowledge. However, if you wish to cheat yourself or you are really unable to solve this puzzle although I gave you the tips, go ahead.

To view the spoiler, highlight below (left click your mouse and drag around the below area):

This is the most basic mission. Link to Basic Mission 1.

THE IDIOT TEST

This level is what we call “The Idiot Test”, if you can’t complete it, don’t give up on learning all you can, but, don’t go begging to someone else for the answer, thats one way to get you hated/made fun of. Enter the password and you can continue.

Well, this mission is basically simple, all you need to do is just get the password. Are you planning to brute force the password? There’s no need to, I swear!

What You Need?

1. Basic HTML Knowledge – HTML Comments.
2. A Browser. Preferably Mozilla Firefox.

Let’s Start Hacking!

First, you need to understand a few things about HTML. What is HTML? HTML refers to HyperText Markup Language. What we need to learn here is the use of the following HTML:
<!-- Sample Text -->

The above refers to HTML Comments. HTML Comments is used by script writers to understand their code better. Normally, this is ignored by the browser, therefore it will not appear on the page.

How are we going to read the comments if it is not appearing on the page? This is a real simple question. Basically, all you need to do is just click the VIEW option in your browser’s toolbar and select SOURCE or PAGE SOURCE. This will open a window that shows you the HTML code of the page.

Spoiler

I don’t recommend you to read further from here if you want to test out your skills/knowledge. However, if you wish to cheat yourself or you are really unable to solve this puzzle although I gave you the tips, go ahead.

To view the spoiler, highlight below (left click your mouse and drag around the below area):

This is not the exact password. You need to check the password yourself.

I hope you learn something about HTML today. Feel free to leave some comments.

There are various challenges / missions for hackers to learn from:

1. Basic
2. Realistic
3. Application
4. Programming
5. ExtBasic
6. Javascript
7. Stego
8. IRC

So, if you wish to test out your knowledge about hacking, this would be the best place for you. All you need to do is just register as a member to enjoy all the privilege.

I will try to provide you with some tips to solve the puzzle from time to time.