Isa test Writeup, isatestwriteup

Isa test Writeup, isatestwriteup

The new hack game is very simple. Now it's only 7-off. It's an entry level. You can play it if you have nothing to do. Http://helloisa.com/

LEVEL 1: Observe the page carefully. The first step of intrusion is to collect information that may generate value.

Ps: it is best to use Google or Firefox


Enter the password in the following dialog box.

Right-click to view source code

<H3> LEVEL 1
	<! --
	!!! Prompt !!!
	Analyzing web source code is a basic skill for hackers.
	Now that you have seen this sentence
	It means that you have met the basic requirements for joining us.
	The password for entering the second level is: 186ba6199019568b69315a0f15ae7547
	!!! Prompt !!!
	-->

LEVEL 2: Are you familiar with the following strings?
If you are familiar with it, submit the password !~
OTFkY2ZjMGNlOWE5MzcxN2VlN2U4MmYyZDQxNTA2YjQ =




Base64 Decoding

Key: 91dcfc0ce9a93717ee7e82f2d41506b4

LEVEL 3 the customs clearance password has been provided and filled in, but it seems that it cannot be submitted.

Right-click to view source code

<H3> LEVEL 3
	The password for customs clearance has been provided and filled in. <span class = "redcolor"> it seems that the password cannot be submitted </span> <br/>
	<! -- Bypassing <span class = "redcolor"> Local verification of web pages </span> is a required skill for hackers <br/> check the Code submitted by the form carefully, you will have unexpected gains -->
	<Div>
	<Br/>
	<Form id = "form" action = "index. php" method = "GET" autocomplete = "off" onsubmit = "return check ();">
	Password: <input name = 'pwd' type = "text" size = "50" value = "e555c3455a01_abbdbb2467fe3edf82"/>
	<Input name = 'l' type = "hidden" value = "3"/>
	<Input name = 'A' type = "hidden" value = "c"/>
	<Input type = "submit" value = "submit">
	</Form>
	</Div>
	<Script>
	Function check (){
	If (! Form. pwd. value ){
	Alert ("the password cannot be blank ");
	} Else if (form. pwd. value. length> 30 ){
	Alert ("the password cannot be longer than 30 characters ");
	} Else {
	Alert ("the password is e555c3455a0da-abbdbb2467fe3edf82 ");
	Form. pwd. value = 'e555c3455a01_abbdbb2467fe3edf82 ';
	}
	Return false;
	}
	</Script>

You can see that when you click Submit, it will enter the check function. Therefore, if you do not click Submit, you can directly submit it using the get parameter of the url.

Change the url a = s to a = c.

Construct url: http://helloisa.com/test/index.php? L = 3 & a = c & pwd = e555c3455a01_abbdbb2467fe3edf82

LEVEL 4 the picture below is the Community LOGO, and the password for the next LEVEL is in it ~

Download the image and hex (open in the hexadecimal editor)

At the bottom of the page, the key is not garbled.

Key: 2bda-1c871613d0f80224f9c4317bab4

LEVEL 5 the password is very simple, that is: the site domain name owner's E-mail

Whois Query

Key: xing3389@126.com

LEVEL 6 has reached this LEVEL. Maybe you think the test is very simple.

So it's hard, right?
I won't give you any tips, but I can tell you clearly that the password has already been given to you.

F12, view the header

Set-Cookie: ISA_Level_6_password = 1ec8635c58b30741acf1311cb0178edb

LEVEL 7 our inertial thinking will hinder us
But even if I clearly tell you what the password is

Can you pass the customs clearance?

......

According to the prompt inertial thinking and clear instructions

What is the password?

What is isa slot?

Isa slot is a very old slot that is mainly used to plug in the old sound card and so on. Its function is basically equivalent to the current pci slot. The slot speed is actually very slow, and now it has been eliminated.
It is much longer than pc.
Newtest.cn#cn/...00.jpg
Black slot is.

PCI/ISA motherboard detection card usage

Well. Motherboard detection cards are commonly used. I usually use it when my computer cannot be started.

The main board will output a series of codes to PCI during power-on. The function of the detection card is to capture and display these codes.
It is 00 at boot time, and then goes to the desktop FF step by step with the motherboard self-check
If the motherboard fails, it cannot be started. Then the code will stop at the fault location. We can know which device is faulty.
Common fault codes.
00 the motherboard has stopped before it starts self-check, indicating that the CPU is broken or the motherboard is not working.
C1 memory is not good or bad.
26. The video card is not good or bad.

These are the common basics. You can find all the codes on the motherboard manual or on the Internet. Some do not understand. For example
03 clear the 8042 keyboard controller and issue the TEST-KBRD command (AAH ). Power-on delay completed. ROM B10S check that the part is in progress or fails ."
If we do not know the exact meaning of the stop to 03, we should at least know that it is a problem with the keyboard controller or BIOS on the motherboard. That is to say, there is a problem with the motherboard.