hackertest.net level 9 :: Hidden or not
by Arxleol on Wednesday 28.01.2009, under hackertest.net, tutorial
I hope that you are learning something from this site and from the hackertest.net at least I hope so. And if you are your usual practice now when you open web page is to check source code but this time source is hidden and we need to figure out way to find and read source before there is anything we can do about this page. Another thing is background image since we have examined this one already there is no need to go there again.
However, solution is simple again to find code just mark the page in firefox this can be done by either clicking <CTRL>+ <A> or by right click on the page and then Select All or by choosing Edit menu and then Select All again so Edit->Select All
Now do not click for <CTRL>+<A> because it will not work you have to right click somewhere on the page and then choose from the drop down menu View Selection Source.
There are also harder ways to do this but this one is at least for me easiest and most direct way to find code.
After you selected view selection source from drop down menu new window appears and you are able to see source code that was not there before. Note the long html comment in the end of the page. Scrolling left and right of the page you eventually fin this:
Password: Z2F6ZWJydWg= add a page extention to that
Providing us with hint how to pass to the next level, but as it appears level 9 is line between intermediate and beginners tests so our trouble doesn’t end here we need to figure out what is extensions of the file. Now here only simple logic can help us and nothing else. After trying few notable extensions for the files like html, php and so on. I figuredĀ that there is something else around the password. And it is logical in fact, passwords are usually encoded and almost never stored in the pure text form. So after some googling I’ve found that this encoding is in fact Base64 you may read more about this encryption on wikipedia. To be honest I have never heard about this encryption but when I read more about it and saw where it is used I was a bit ashamed.
Now I did some more googling and found that there are many descriptors for Base64 and one of them did nice job decrypting our string hash into the following: gazebruh
Now let’s end this mission by finding the final URL of the next level by posting some extensions to the string in bold above. After a while lucky guess is finally php and here is solution URL for the level 10
http://www.hackertest.net/gazebruh.php
For all questions, remarks, feedbacks and everything else please use comments. Thank you for reading, if you have any questions feel free to drop comment 
Wednesday 05.08.2009 on 17:08
how can you find that “this encoding is in fact Base64″ ?
Thursday 13.08.2009 on 00:31
Well, to be honest it takes a bit experience to be able to recognize encoding when you see it at first glance.
However, there are many password crackers on the market that are able to recognize encoding when you input encrypted string.
Ax
Thursday 20.08.2009 on 18:49
sa_DF.-fa-sG.sd-.a-s.d-as.d-AS.a-F
Thursday 03.12.2009 on 00:11
[...] http://www.hackertest.net/phat.php level9 [...]
Monday 07.06.2010 on 20:56
What decryptor did you use?
Tuesday 08.06.2010 on 00:37
I think it was this one. Honestly I am not sure however, this one works for sure: http://www.motobit.com/util/base64-decoder-encoder.asp