Author: Jackson G. Kaindume <email@example.com>
Date: Thu, 1 Sep 2022 21:21:41 +0200
6 files changed, 75 insertions(+), 3 deletions(-)
diff --git a/.gitignore b/.gitignore
@@ -1,4 +1,2 @@
-\ No newline at end of file
diff --git a/book/.gitignore b/book/.gitignore
@@ -0,0 +1 @@
diff --git a/book/book.toml b/book/book.toml
@@ -0,0 +1,6 @@
+authors = ["Jackson G. Kaindume"]
+language = "en"
+multilingual = false
+src = "src"
+title = "h4"
diff --git a/book/src/SUMMARY.md b/book/src/SUMMARY.md
@@ -0,0 +1,4 @@
diff --git a/book/src/apache.md b/book/src/apache.md
@@ -0,0 +1,15 @@
+> The Apache HTTP Server Project is an effort to develop and maintain
+> an open-source HTTP server for modern operating systems including
+> UNIX and Windows. The goal of this project is to provide a secure,
+> efficient and extensible server that provides HTTP services in sync
+> with the current HTTP standards.
+> The Apache HTTP Server ("httpd") was launched in 1995 and it has
+> been the most popular web server on the Internet since April 1996.
+> It has celebrated its 25th birthday as a project in February 2020.
diff --git a/book/src/hackthissite.md b/book/src/hackthissite.md
@@ -0,0 +1,49 @@
+# CTF Writeups
+## Hack This Site
+1. [Difficulty rating: Easy](https://www.hackthissite.org/missions/realistic/1/index.php)
+> From: HeavyMetalRyan
+> Message: Hey man, I need a big favour from you. Remember that
+> website I showed you once before? Uncle Arnold's Band Review Page?
+> Well, a long time ago I made a $500 bet with a friend that my band
+> would be at the top of the list by the end of the year. Well, as
+> you already know, two of my band members have died in a horrendous
+> car accident... but this ass hole still insists that the bet is on!
+> I know you're good with computers and stuff, so I was wondering, is
+> there any way for you to hack this website and make my band on the
+> top of the list? My band is Raging Inferno. Thanks a lot, man!
+If we visit the challenge's [webpage](https://www.hackthissite.org/missions/realistic/1/index.php)
+we see a page. The interesting parts of the page are the 5 sections
+of the 5 bands, the bands are ordered the top to bottom with the best
+band being on top and the worst being at the bottom of the list.
+Each section contains an HTML form, here is the form for the top band
+<form action="v.php" method="get">
+ <input type="hidden" name="PHPSESSID" value="abcaeadfc31a5c43b2534bf995c0553f">
+ <input type="hidden" name="id" value="4">
+ <select name="vote">
+ <option value="1">1</option>
+ <option value="2">2</option>
+ <option value="3">3</option>
+ <option value="4">4</option>
+ <option value="5">5</option>
+ <input type="submit" value="vote!">
+The form sends a `GET` request, this means that the form data will be
+appended to the URL in key/value pairs, this it looks for the first
+Where PHPSESSID is the session ID, id