Hackthis Introduction (Basic level)

Basic Level 1

Download this b1.txt file and open

Garbled
Let's pull the file into Ubuntu and see what's going on.

The original is a BMP file was changed to the suffix of txt, no wonder a bunch of garbled
Modify suffix Name

Open it


Basic Level 2

Browser Default UA is limited access, find an extension to change the browser UA to Secure_user_agent.
I was using the user Agent switcher this expansion

After the UA was refreshed, it passed.

I do not know the meaning of the question, the investigation you do not understand UA. I was looking for the "Security User Agent" where, I didn't think the answer was the right one.

Basic Level 3

This is related to flash, but Flash does not know why not to load, temporarily did not

Refer to other people's solutions, you can do this

Add a form to the F12 and the bottom will appear

Click to pass, but the post URL and the data format of the post is still not understand

Basic Level 4

I thought it was the same as the first one. This picture has a problem, with the file command to look at, did not find anything
Then look at the picture properties and discover

So username fill James,password fill I like chocolate
Error
and changed password to chocolate.
Pass

Basic Level 5

Here's another picture.
Repeat the first and fourth off the method, did not find anything, so use Notepad open the file to see

This picture was stuffed with a txt, normally open the picture when you do not see
We'll change the file to a zip suffix, then open it.

The hidden txt appears and opens the TXT

Here's the answer.

Basic Level 6

The first one is for you to fill in the server IP address
Check with webmaster Tools

IP is 85.159.213.101 (this site does not use CDN, so it is easier to find the IP address)

The second is to let you fill in which company the server is placed in
Then use webmaster Tools to check the domain name

DNS shows that the Linode

A third X-b6-key header
This thing really did not see, Baidu does not end. Google on a look, there are a lot of people to do this problem is stuck, see some reply said to see the source code
So open the source code and look at it.

It's actually ... e-mail. That's confusing.
Open the mailbox there is a registration when the website sent a confirmation email

However, I filled out no-reply@defendtheweb.co.uk,defendtheweb.co.uk,no-reply,hackthis all wrong, helpless after a search, found that need to use Gmail mailbox to view the original message function, I use is protonmail, do not know this function where, had to copy answer: lajklsb#! " 3jlak

Basic Level 7

We are running a suspicious service and it will give you the answer
Then scan and see what services are running.

6460 and 6776, these two ports are a bit suspicious, telnet to see

6776 that response, Mapthat.
Submit after filling in Mapthat

Basic level End