Basic (all solutions, with videos)

This post will show you how to complete all the basic missions on

I've gone through all of the steps, from Basic 1 all the way through to Basic 11. They're pretty simple tasks, and for many of them there's a video tutorial included.

Oh, and use the table of contents below to quickly skip to the one that you're looking for. It'll save you scrolling and scrolling!

Please do try to figure it out before you use the solution. After all, it's far more rewarding to figure it out by yourself without seeing the answer. There is no learning in reading the answer, just copying!

There are many free resources on the internet that you can use to advance your learning if you're unsure about any of the approaches, what produces certain outcomes, and how to implement/spot certain things.

HackThisSite Basic 1

This test is the proclaimed "idiot test". It really requires little effort at all. Honestly, you shouldn't need to follow a solution to figure this one out. But here it is anyway.

Inspect the page's HTML code

Right-click anywhere on the page, and go to Inspect. This will bring up the source code of the page. You'll see all of the HTML code.

Go to the element selector (top-left), and click it.

Hover over the page with the element highlighter

Go to the highlight element option mentioned in the previous section.


Hover over the form until it's highlighted. See above.

When you click it, it'll skip to where the code for this section is specified in the console panel. There, you'll be able to find the password used to complete the level.


Locate the password in an HTML comment

And then find the HTML comment under the class "sit buffer". If you're struggling to find it, use the search function and type "password".


Copy and paste the password into the input field, and then submit.

Hack This Site Basic 2

In this test we're told that Sam has set up a script that loads the password from an encrypted text file.


This is really easy...

Note this part, it's really significant. So, just click Submit.


It's really that easy, no need to dig through the HTML source!

Hack This Site Basic 3

This time, Sam uploads a password file, so it's not as simple as in the last task. So let's open up the Inspect element again.


Inspect the form

Now, we know we'll start by inspecting the form again, by hovering over it with the element highlighter.


Find the hidden file

Then you'll notice that the form has a hidden input, with a value of password.php. Let's navigate there and see if there is any information that can help.

Locate the password

And there we have it, an ill-stored password ready to be copied and pasted into the input box.


Hack This Site Basic 4

In this mission you find that Sam has put his password in a script once again, but this time it will email him automatically in case he forgets. So, let's inspect the send password button.


Find the hidden email value with inspect element

Then, in the inspection window, you'll find there are two inputs in the form.


Change the email to your own

The top input contains a "to" value, which is obviously an email address. Double click on the value, and replace this with your own email address.


Once that's set, click on the Send Password to Sam button.


The password will be emailed to the provided email address, only if it's the registered email address used to sign up to the website.

Hack This Site Basic 5

This is exactly the same as Basic 4...


Hack This Site Basic 6

This test requires you to do some decryption. But fortunately you've got a form that allows you to encrypt different inputs.


Encrypt a simple string of characters

Let's start by entering in a load of 0's, so we can see how each one reacts.

Note that eight 0's have been input. This is the same amount of characters in the encrypted password.

Analyse the encrypted output

The encrypted string that gets returned has an obvious pattern: each character has its index position in the string added to it.


Use this to crack the encrypted password

So we need to subtract each value from the encrypted password, starting with "1-:". But, to give ":" and other alphabet characters a value, we need to convert them to their ASCII codes.

This table from AsciiTable gives each character a value; it really doesn't matter which value (Dec, Hex...) you subtract from.

Subtract the values from the ASCII values

After subtracting the values from the encrypted string using the "0 string", we are given the following result (work this out in notepad).
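The same subtraction done in code, as an added example that is not part of the original walkthrough. It recovers the per-position shift from the "0 string" probe rather than assuming it, so it also works for any cipher that adds a fixed amount at each position; `encrypt` is a stand-in for the mission's form and the sample secret is constructed.

```python
def position_shifts(probe_in: str, probe_out: str) -> list[int]:
    """Recover the per-position shift from a known input and its encrypted output."""
    if len(probe_in) != len(probe_out):
        raise ValueError("probe input and output must be the same length")
    return [ord(o) - ord(i) for i, o in zip(probe_in, probe_out)]


def decrypt(ciphertext: str, shifts: list[int]) -> str:
    """Undo the shift at each position by subtracting it from the ASCII code."""
    if len(ciphertext) > len(shifts):
        raise ValueError("probe was shorter than the ciphertext")
    return "".join(chr(ord(c) - s) for c, s in zip(ciphertext, shifts))


def encrypt(plaintext: str) -> str:
    """Stand-in for the mission's form: add each character's index to its code."""
    return "".join(chr(ord(c) + i) for i, c in enumerate(plaintext))


# Constructed sample, not the mission's real password.
SAMPLE_SECRET = "a1b2c3d4"
SAMPLE_CIPHERTEXT = encrypt(SAMPLE_SECRET)

if __name__ == "__main__":
    probe = "0" * len(SAMPLE_CIPHERTEXT)
    shifts = position_shifts(probe, encrypt(probe))
    print(shifts)
    print(SAMPLE_CIPHERTEXT, "->", decrypt(SAMPLE_CIPHERTEXT, shifts))
```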


Hack This Site Basic 7

In this test, Sam has put his password in an obscurely named file. He has also installed a calendar script that uses Unix commands.


Test the input form first

If you input 2000, it returns a whole bunch of calendars.


Inject your own code after it

Let's exploit this by injecting our own commands into this! For this, we'll need the ls command.


Why this works

The script is probably running something like "cal USERINPUT".

Now, by injecting this command, we're making the script run "cal USERINPUT && ls". This is essentially two commands combined into one, with ls listing all the files in the current directory.
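The vulnerable pattern next to a hardened one, as an added example that is not the mission's actual script. It assumes the script concatenates input into a shell command as guessed above; `echo` stands in for `cal` so it runs anywhere, and the injected command is a harmless marker.

```python
import re
import subprocess

# `echo` stands in for `cal` so the demonstration runs on any POSIX system.
TOOL = "echo"


def run_vulnerable(user_input: str) -> str:
    """Builds one shell string, so shell operators in the input are interpreted."""
    result = subprocess.run(f"{TOOL} {user_input}", shell=True,
                            capture_output=True, text=True)
    return result.stdout


def run_hardened(user_input: str) -> str:
    """Allow-list the input as a year and pass it as a single argv element."""
    if not re.fullmatch(r"[0-9]{1,4}", user_input):
        raise ValueError("year must be 1 to 4 digits")
    # No shell is involved: the value can only ever be an argument to TOOL.
    result = subprocess.run([TOOL, user_input], capture_output=True, text=True)
    return result.stdout


# Constructed input: a marker command in place of the page's `ls`.
INJECTED = "2000 && echo INJECTED"

if __name__ == "__main__":
    print(repr(run_vulnerable(INJECTED)))   # two commands ran
    print(repr(run_hardened("2000")))       # one command, one argument
    try:
        run_hardened(INJECTED)
    except ValueError as exc:
        print("rejected:", exc)
```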


Locate the obscure file

We'll go for the most obscure file here, and navigate there directly to find the password.


Hack This Site Basic 8

First of all, we know that the password is stored encrypted in the following location:


The input box takes some input, a string, and then creates a file.


Test the input form

Create a file, then view it.


Research SHTML

Notice that the URL links to a .shtml file.


Exploit SSI

That means that we can inject some server-side code! I'm no expert in SSI, so we'll pull some info from another site.


This is what the commands look like. We can use this to execute commands too!


Try SSI with LS command

So let's try the following command:

<!--#exec cmd="ls"-->

Escape the current directory

We also noticed, the first time we created a file, that the files were being stored in a /tmp location.


We need to escape this folder. This can be done using "../", after the "ls" command.

<!--#exec cmd="ls ../"-->

This "../" will execute the "ls" command in the /basic/8/ folder, the folder above.

Locate obscure file


This gives us the obscure password file that we can then navigate to, remembering not to use the /tmp folder.

Get the password


Hack This Site Basic 9

This test builds on the exact same principles as Basic 8. So, go back to basic 8 so you have the input form again!


Edit the SSI used in Basic 8

Now you need to edit the previous command slightly. Before we used:

<!--#exec cmd="ls ../"-->

This executed the "ls" command in the "/basic/8/" folder. Now we need to get up into the "/basic/" folder, then down into the "/basic/9/" folder before we execute "ls"!

<!--#exec cmd="ls ../../9/"-->

Locate the hidden file


Get the password

Then we navigate to the file. Remember to change the folder to "/basic/9/".
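The SSI injection in Basic 8 and Basic 9 works because the input is written verbatim into a file the server parses for directives. The following added example (not the site's code) shows a check for directives in stored content and a page builder that HTML-escapes the input first; the page template and function names are assumptions.

```python
import html
import re

# Matches an SSI directive such as <!--#exec cmd="..."--> and captures its name.
SSI_DIRECTIVE = re.compile(r"<!--#(\w+)\b.*?-->", re.DOTALL)


def find_ssi_directives(text: str) -> list[str]:
    """Return the directive names (exec, include, ...) present in text."""
    return [m.group(1).lower() for m in SSI_DIRECTIVE.finditer(text)]


def render_unsafe(user_input: str) -> str:
    """Writes the input verbatim, so a directive in it reaches the SSI parser."""
    return f"<html><body>Hi, {user_input}!</body></html>"


def render_escaped(user_input: str) -> str:
    """HTML-escapes the input, so no literal '<!--#' survives in the .shtml file."""
    return f"<html><body>Hi, {html.escape(user_input, quote=True)}!</body></html>"


# Constructed inputs: a normal name and the two directives used on this page.
SAMPLES = ["Sam", '<!--#exec cmd="ls ../"-->', '<!--#exec cmd="ls ../../9/"-->']

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample),
              "unsafe:", find_ssi_directives(render_unsafe(sample)),
              "escaped:", find_ssi_directives(render_escaped(sample)))
```

On Apache, setting `Options IncludesNOEXEC` instead of `Includes` additionally disables `#exec` for parsed files.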


Hack This Site Basic 10

After picking through the HTML source for a while, it'll become obvious that there's little to go by. So, where are some other places that scripts can determine your authorisation?


Analyze your Cookies with Inspect

To find your cookies, try first submitting a random password, then go back. Inspect element, and go to the Application tab.


Change the authorization value

You'll see a row with name "level10_authorized" and value "no". Set this value to "maybe" -- just kidding, set it to "yes", then click Submit.
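Editing the cookie works because the server trusts a value the client controls. As an added example (not the site's code), here is that naive check beside one that signs the cookie with an HMAC so an edited value is rejected; the key and the `value.signature` format are assumptions.

```python
import hashlib
import hmac

# Constructed key for the example; a real one is random and kept server-side.
SERVER_KEY = b"example-only-key"
COOKIE_NAME = "level10_authorized"


def is_authorized_naive(cookie: str) -> bool:
    """The behaviour the page describes: the raw cookie value is trusted."""
    return cookie == "yes"


def sign(value: str) -> str:
    """HMAC-SHA256 over the cookie name and value, hex encoded."""
    msg = f"{COOKIE_NAME}={value}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_cookie(value: str) -> str:
    """Return the cookie as 'value.signature'."""
    return f"{value}.{sign(value)}"


def is_authorized(cookie: str) -> bool:
    """Accept 'yes' only when its signature is the one the server would issue."""
    value, sep, signature = cookie.rpartition(".")
    if not sep:
        return False  # unsigned cookie, e.g. a bare "yes"
    valid = hmac.compare_digest(signature.encode(), sign(value).encode())
    return valid and value == "yes"


if __name__ == "__main__":
    issued = issue_cookie("no")
    tampered = "yes." + issued.rpartition(".")[2]  # value edited, old signature
    print(is_authorized_naive("yes"), is_authorized(tampered),
          is_authorized(issue_cookie("yes")))
```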


Hack This Site Basic 11

Now this mission is touted as being harder than the others, and rightly so. When you start, you'll notice that the songs change whenever you refresh the page.


Figure out the artist

A simple Google search will show that these are Elton John songs:


Find the hidden /e directory

So let's search for the directory /e, for Elton John.


Follow the directories, then open the .htaccess file

We're then led through the letters until we get to /n, at which point there are no more files. Perhaps that's because the files are hidden! So let's check the .htaccess file.


Find DaAnswer

Next we browse to /DaAnswer.


Use the password hidden in plain sight

We finally head over to /index.php, and submit our answer "around".

