HTS Realistic 1: Uncle Arnold’s Local Band Review
Your friend is being cheated out of hundreds of dollars. Help him make things even again!
In Realistic Mission 1 of Hack This Site, you need to help your poor friend out a bit in Uncle Arnold’s Local Band Review.
From: HeavyMetalRyan
Message: Hey man, I need a big favor from you. Remember that website I showed you once before? Uncle Arnold’s Band Review Page? Well, a long time ago I made a $500 bet with a friend that my band would be at the top of the list by the end of the year. Well, as you already know, two of my band members have died in a horrendous car accident… but this asshole still insists that the bet is on!
I know you’re good with computers and stuff, so I was wondering, is there any way for you to hack this website and make my band on the top of the list? My band is Raging Inferno. Thanks a lot, man!
Follow the link to Arnold’s site. Apart from the ugly design expected from a small personal business, the first thing that you should notice is Imposing Republic’s rating of 23 — on a 1-5 scale! This hints that you should be able to give ratings which are higher than five in some way. Take a look at the source code, more specifically at the several identical forms for voting.
<form action="vote.php">
  <input type="hidden" name="PHPSESSID" value="abcaeadfc31a5c53b2534bf995d0553f" />
  <input type="hidden" name="id" value="0">
  <select name="vote">
    <option value=1>1
    ...
    <option value=5>5
  </select>
  <input type="submit" value="vote!">
</form>
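This is the code for Raging Inferno’s voting form. The <select> only limits what the browser offers; as a hacker, you should intuitively think about sending unexpected values to every form that you encounter. Because the form declares no method, it is submitted with GET, so the whole request can be written as a URL. In this case, what about a number greater than 5? Try it: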
http://www.hackthissite.org/missions/realistic/1/vote.php?id=0&vote=1337&PHPSESSID=abcaeadfc31a5c53b2534bf995d0553f
Obviously, you should substitute the PHP session ID in the URL with your own session ID, which can be found in the source code. This URL votes “1337” for band #0, which happens to be HeavyMetalRyan’s Raging Inferno.
Mission accomplished.
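The server-side check that would stop this, as an added example that is not Hack This Site's code: a hypothetical PHP vote handler, first trusting the submitted number and then enforcing the 1-5 range itself. The function names, the $totals array and its sample values are constructed for illustration.

```php
<?php
declare(strict_types=1);
// Added example (hypothetical handler, not the site's vote.php).

const MIN_VOTE = 1;
const MAX_VOTE = 5;

/**
 * Behaviour the walkthrough relies on: the handler adds whatever number
 * arrives, so the 1-5 limit exists only in the browser's <select>.
 */
function record_vote_unchecked(array $params, array &$totals): bool
{
    $id = (int) ($params['id'] ?? -1);
    if (!array_key_exists($id, $totals)) {
        return false;
    }
    $totals[$id] += (int) ($params['vote'] ?? 0);   // vote=1337 is accepted as-is
    return true;
}

/** Hardened form: band id and vote range are validated on the server. */
function record_vote_checked(array $params, array &$totals): bool
{
    $id = filter_var($params['id'] ?? null, FILTER_VALIDATE_INT);
    $vote = filter_var($params['vote'] ?? null, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => MIN_VOTE, 'max_range' => MAX_VOTE],
    ]);
    // filter_var returns false for non-integers and out-of-range values.
    if ($id === false || $vote === false || !array_key_exists($id, $totals)) {
        return false;   // reject: unknown band or vote outside 1-5
    }
    $totals[$id] += $vote;
    return true;
}

// Constructed sample data: band id => running vote total.
$totals = [0 => 3, 1 => 23];

// Parameters as the server would receive them (session id omitted).
parse_str('id=0&vote=1337', $tampered);
parse_str('id=0&vote=5', $normal);

$a = $totals;
var_dump(record_vote_unchecked($tampered, $a), $a[0]);   // accepted, total inflated

$b = $totals;
var_dump(record_vote_checked($tampered, $b), $b[0]);     // rejected, total unchanged
var_dump(record_vote_checked($normal, $b), $b[0]);       // accepted, total grows by 5
```

The same check applies whether the form is submitted with GET or POST, since both carry values chosen by the client.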

That was just too easy, thx for the guide!
Comment by Max — February 9, 2007 @ 5:02 pm
Max, I’m glad I’m helping.
Comment by Tim — February 9, 2007 @ 5:07 pm
does it tell u tht u beat the mission or do u just kno
pleeeeeeez reply soon
and i need 2 know the exact code for hts basic web 8
Comment by Franky — March 15, 2007 @ 11:24 pm
Franky, you will be told when you complete the mission. What about reading the tutorial for Basic web 8?
Comment by Tim — March 16, 2007 @ 5:10 am
Thanks a lot for the answer, but I was wondering how that worked.
Was it like an injection or what?
P.S. I’m really new to this stuff and need to know how to understand it and not just the answers.
Thank you for listening and if possible a reply.
Comment by Ben — March 19, 2007 @ 9:02 pm
Ben, I tried to explain why it works, too. It simply changes your vote; instead of voting 1-5, you can vote an arbitrary number.
Comment by Tim — March 20, 2007 @ 3:03 pm
Yo man this site is awesome the missions are pretty cool too
Comment by Scout — April 25, 2007 @ 5:28 pm
Tim, Ace site, you’ve been helpful on a few occasions now! I get how this level works and understand the code that makes it happen but what confused me is the ‘vagueness’ of the Uncle Arnold page, it doesn’t update when you vote?! Not very realistic (but hey, you didn’t write it). thanks again for your help.
Comment by Dribbleskunk — April 29, 2007 @ 2:29 pm
Dribbleskunk: Sorry for the late reply. I haven’t actually checked whether it updates. If it doesn’t, then yes. Very unrealistic. Are you sure that you are deleting the cookie from that site before voting?
Comment by Tim — May 6, 2007 @ 8:44 am
Hello,
Could somebody help me to “change” some vote?
It’s similar to “HTS Realistic 1: Uncle Arnold’s Local Band Review”
Form Script is:
====================================================
Yes
No
Result
====================================================
I tried this
http://www.SomeSite.com/?poll_id=22&vote_poll=1&poll_text_id=71
but nothing happened
Please tell me where I made a mistake.
Thanxs
Comment by CrazyBull — June 4, 2007 @ 10:29 pm
come on that was far too easy. level 10 on the basics was easier. ive used the developer extension on firefox. so i could make the select field into a writable text field.
but thx though.
Comment by Anonymous — June 6, 2007 @ 8:19 am
hi… i would like to understand how you got the “1337” and the band number… ive been searching on the page source but its not there. i also installed the live http header but i dont see anything helpful… can you explain further how you got that address
thanks
Comment by christy — June 15, 2007 @ 12:58 pm
Christy: “1337” is just a random number, which is greater than five. The band ID is in the source, in a hidden input field called “id”.
Comment by Tim — June 15, 2007 @ 9:44 pm
That’s pretty awesome of you to go through and make walkthroughs for us.
IMO, I learned a lot more from reading the guides than I would have from sitting there trying to figure out what the hell I was supposed to do.
Thanks
=]
Anthem~
Comment by Anthem — June 17, 2007 @ 9:40 am
=/ PHP is needed for this challenge… the sessionID has nothing to do with it… so why did you say it did? Use the: $_GET[''] php code But I still haven’t beaten it lol. I bypassed this one. Any ideas?
Comment by Piggy — June 24, 2007 @ 3:14 am
Piggy: sessionID is crucial unless you have cookies enabled. PHP, on the other hand, has nothing to do with it. Perhaps you shouldn’t comment on the viability of my (correct) solution when you have not solved it yourself. Ideas? Please read the original post.
Comment by Tim — June 24, 2007 @ 10:20 am
Sorry, but people were just contradicting the sessionid theory in the IRC. That’s where I got the $_GET[''] idea from. It can be done with php, because people on there have done it. I do have cookies enabled. I don’t get how I would get MY session ID. The ID that is in the
Comment by Piggy — June 24, 2007 @ 12:21 pm
O_o… I thought that I was supposed to input that code into the form action… My bad lolz. Ty for the help!
Comment by Piggy — June 24, 2007 @ 12:28 pm
Piggy: No, you cannot do this with PHP since PHP is a server-side language. Uncle Arnold does use PHP, although PHP knowledge is neither needed nor useful for this mission. If you have cookies enabled, you do not need your session ID.
Comment by Tim — June 24, 2007 @ 5:27 pm
I don’t understand why is it not working. I copied and pasted that link just refreshes it. I’m confused.
Comment by ??? — July 4, 2007 @ 8:43 pm
Hi all!
I pasted your link http://www.hackthissite.org/missions/realistic/1/vote.php?id=0&vote=1337&PHPSESSID=abcaeadfc31a5c53b2534bf995d0553f in address bar (of course with my PHPSESSID) but nothing happened :|. What’s problem here?
Comment by dr_glum — July 5, 2007 @ 7:21 am
Deleting the cookies doesn’t seem to work. I just get taken to the error page and I’m logged out. WTF!
Comment by Anonymous — July 6, 2007 @ 2:29 am
Deleting the cookies doesn’t seem to work. I just get taken to the error page and I’m logged out. WTF!
Comment by asdf — July 6, 2007 @ 2:30 am
dr_glum: Try enabling cookies. That way, you can skip the PHPSESSID part of the URL.
asdf: Log in and do it again, but don’t vote for any other band this time. Then you won’t have to delete the cookie.
Comment by Tim — July 7, 2007 @ 3:49 pm
Why it redirects the page to this page:
http://www.hackthissite.org/missions/realistic/1/index.php
which exactly same as:
http://www.hackthissite.org/missions/realistic/1/
The line I use is:
http://www.hackthissite.org/missions/realistic/1/vote.php?id=0&vote=666&PHPSESSID=abcaeadfc31a5c43b2534bf995c0553f
I do enable cookie.
But why PHPSESSID are same everytime i refresh the page?
Comment by sausage — July 7, 2007 @ 4:46 pm
sausage: Your session ID will only change if you delete the cookies first.
Comment by Tim — July 12, 2007 @ 9:07 pm
I really don’t get it. Nothing’s working for me. It keeps bringing me to index.html
Comment by psychofish25 — July 13, 2007 @ 2:07 pm
how do i enable my cookies? I know how to delete them. And how do i know wat my phpsessid is? Which part in the source is it? Get back soon, n thanx alot!
-Badest23
Comment by Badest23 — July 16, 2007 @ 12:54 am
Badest23: If cookies are saved, they are enabled. Disabling cookies means not accepting or saving any cookies. Your phpsessid should be shown in the URLs, unless you have cookies enabled. Just search the source for “form”, and you’ll probably find it. Anyway, it’s important to have an oversight of what the source looks like.
Good luck.
Comment by Tim — July 16, 2007 @ 2:28 pm
I enter this on the url bar:
http://www.hackthissite.org/missions/realistic/1/vote.php?id=0&vote=1337
and the page format still the same:
raging inferno at the bottom, etc. what should i do?
Comment by Pirata Nervo — July 17, 2007 @ 8:40 am
For some reason this doesn’t seem to be working for me. If anything, I think it’s a problem on HTS’s end. I double-checked to make sure my PHPSESSID was correct but it still didn’t change so…any suggestions?
Comment by Anonymous — July 24, 2007 @ 7:18 pm
Pirata Nervo, Anonymous: Try with cookies both enabled and disabled. Remember to erase cookies between each attempt.
Comment by Tim — July 24, 2007 @ 9:53 pm
This really doesnt work
Comment by Silver — July 25, 2007 @ 2:53 pm
hey tim…u have helped me alot b4…
but i didnt understand this test…can u plz explain from the begining again…plz…thnx alot pal…
Comment by Rishi — July 27, 2007 @ 12:38 pm
Silver: It worked perfectly fine for me.
Rishi: Sorry, but you’ll have to ask more specific questions. I’ve already explained it all once.
Comment by Tim — July 27, 2007 @ 11:29 pm
Where in the source code do u find your own PHPSESSID. when i look at the source code it simply says the same as u have in your example, ‘abcdef’ etc…
I tried using your example but nothing happened.
Comment by Fall — August 3, 2007 @ 8:44 pm
Fall: “abcdef” is not how it is in my example. You’ve probably found the right part.
Comment by Tim — August 4, 2007 @ 10:26 am
I also am having trouble. I have cookies enabled, and replace the /index.php at the end of the url with /vote.php?id=0&vote=12345, and nothing seems to happen. Same if I add &PHPSESSID=[session id], and if I disable cookies (or delete the cookies) I get logged out.
Comment by Anonymous — August 8, 2007 @ 2:01 am
I see
Looks like they changed the form to POST method so using vote.php?…. won’t work any longer. You’ll need to use either javascript injection, or write your own form against the handler page.
Comment by Anonymous — August 8, 2007 @ 3:37 pm
Thanks for pointing that out, Anonymous! Then you can write your own form, as in Basic 4.
Comment by Tim — August 8, 2007 @ 7:13 pm
how do i delete cookies? pweez help
Comment by black star — August 11, 2007 @ 1:17 pm
Black star: It depends on your browser. Usually, there is a button for it in the settings.
Comment by Tim — August 11, 2007 @ 6:47 pm
I cannot find my PHPSESSID… You can say I’m a idiot, but I just can’t find it! In which part of the source is it?
Comment by proka_92 — August 13, 2007 @ 1:01 am
when i paste the url on this site i return to the same page and when i disable or enable cookies i get the (u are not authorized to access that page)
Comment by thejoker — August 14, 2007 @ 11:01 am
sorry, the url from this site on hts ……..
Comment by thejoker — August 14, 2007 @ 11:02 am
pls could somebody tell me how to pass that mission cause i don´t have any what to do because all the ways i know didn´t work??
Comment by thejoker — August 14, 2007 @ 11:18 am
wtf i dont f****** get this shit
Comment by hjghjh — August 15, 2007 @ 1:39 am
So just putting in a url like that, will change it, nothing else
Comment by MUDDUM — September 5, 2007 @ 10:18 pm
Save the website to desktop.
Edit the value of “Option 5” to “999999” instead of “5” on the last band’s form.
Also add “http://www.hackthissite.org/missions/realistic/1/” to the .
Start the page and vote 5. Voila!
Comment by Anonymous — September 8, 2007 @ 10:43 pm
Also add “http://www.hackthissite.org/missions/realistic/1/” to the
Comment by rizz — September 8, 2007 @ 10:45 pm
I have a question. How can I hack the site so everyone else can see it as well and not just me?
Comment by Kai — September 10, 2007 @ 12:33 am
Kai, then you’d have to do it for real, which would probably be illegal.
Comment by Tim — September 15, 2007 @ 8:19 am
I still wanna know how…
Comment by Kai — September 15, 2007 @ 2:42 pm
The URL really didnt work for me. I downloaded a firefox add-on called “Web Developer” which has an option under miscellaneous labeled “edit html” It pops a small bar up with the pages html, and lets you edit it, then actually lets you apply it to the page, I just changed the value for 5 to 133337. It still said 5, but it actually voted 133337.
In case anyone else couldnt get the URL to work. =]
Comment by Ariel — September 19, 2007 @ 8:01 pm
There is an extremely simpler way you can pass this, with flying colors none the less, you dont even have to have knowledge of php…..
ok, a certain firefox addon called Tamper data works great.
addon page:
https://addons.mozilla.org/en-US/firefox/addon/966
after you install it, go to Tools> Tamper data
next go to the uncle arnolds local band review site, after that click Start tamper on the tamper data window,
go down to the band you want to win (Raging inferno), click the Vote button, and something should pop up, asking you if you would like to tamper……..
Click yes of course :D
on the right side of the tamper popup, there should be a simple command that is stating :
Vote : 1
Now since we didn’t change our rating to 5, the default is 1, now what i did was changed this number to 100, after you enter that, click ok. another window should pop up asking you if you would like to tamper the redirect page, uncheck the checkbox where it is asking you to continue tampering. and then just click submit…….
congrats, you just beat the first realistic mission(with an alternate way)
Comment by TaCo925 — September 23, 2007 @ 11:55 pm
WOOOOT, THIS ONE WORKED, TY TACO
Comment by Anonymous — October 8, 2007 @ 12:22 am
Yeah!! I love TaCo you rock man
Comment by Anonymous — October 8, 2007 @ 12:22 am
Yours does not work, you have to change the code in notepad and do the thing you did for like basic 2 or 3
Comment by Flyingape — October 24, 2007 @ 3:06 am
I typed in http://www.hackthissite.org/missions/realistic/1/vote.php?id=0&vote=1337&PHPSESSID=abcaeadfc31a5c53b2534bf995d0553f, but nothing happened. where in the source code does it give YOUR session Id?
Comment by Anonymous — November 4, 2007 @ 12:23 am
I don’t get it. i did the whole URL thing and it still didn’t work and i tried taco’s way and it came up with an error page and i tried editing the code but that didn’t work either.
Comment by lost — November 4, 2007 @ 10:43 pm
thiz tuts not work for me
so i decided to have another way
just change
this part
12345
5
change that value
with
5
Comment by this tut not work for me — November 5, 2007 @ 11:07 pm
I don’t get what you mean when you say “you should substitute the PHP session ID in the URL with your own session ID, which can be found in the source code.” what does this mean?
Comment by having truble — November 21, 2007 @ 7:13 pm
Alright, i completed most of the basics trying to not use this site (too much), but for some reason this has got me stumped. What i was trying to do for a long time was save the code as a .txt , change it, and open it as a URL. But i decided that must be way off. Then i reread this walkthrough and it seemed I am supposed to put the changed code into the url bar? If i am way off base here someone plz let me know. Thanks.
Comment by Skatefrogg — November 26, 2007 @ 7:38 am
After 5 on the source add 1000 for your band.Then click apply changes.Then vote for 1000 and you ‘ve done it.
Comment by sk81722 — January 1, 2008 @ 6:49 pm
javascript:alert(document.forms[4].vote.options[0].value = 1337)
That’s what I did before I found this site. After doing this, choosing ‘1’ in the Raging Inferno vote box and clicking vote will result in you completing the challenge. Much easier in my opinion. :D
Comment by LolSalad — January 24, 2008 @ 5:56 am
LolSalad, that works great. Thanks! (The tutorial didn’t work for me.)
Comment by Anonymous — February 19, 2008 @ 6:36 pm
Somethings wrong with it now; it doesn’t work. I put the code in and nothing happens
Comment by Enad — February 29, 2008 @ 12:41 am
u see I just don’t get anything when I type what’s written above it just shows the same page over and over again. Cud u help me out,please?
Comment by tomgeorge88 — March 6, 2008 @ 11:37 am
I have tried this and it doesn’t work.. I have my own special methods which help me… I will post here
1. Install Opera, Its a web browser.
2. Goto Uncles Review page, Right click and choose View source
3. Scroll down till you find the vote part for Raging Inferno. If you check the values they are. ‘Value=1’
Change ‘Value=1’ to ‘Value=1337888’ And Apply Changes
4. Goto Raging inferno and select 1 and vote.. CONGRATZ !!
—
If you need help with these steps add me on MSN dominic_r_monroe@yahoo.co.uk
Call me master if u speak.. lol
Comment by LilMonEar2K8 — March 10, 2008 @ 8:28 pm
I’m not supposed to install Opera in the computer I’m using. can u suggest some other way?
Comment by tomgeorge88 — March 17, 2008 @ 11:32 am
I used Ariel’s method and it worked fantastically. Especially after I tried the original method for quite a while and this way only took a few seconds of tooling around. Thanks for the wealth info everyone is providing!
Comment by anon — March 19, 2008 @ 11:01 pm
try this one:
http://www.hackthissite.org/missions/realistic/1/v.php?PHPSESSID=abcaeadfc31a5c43b2534bf995c0553f&id=3&vote=55
it works just fine for me.
I copy the page to my desktop, change it to .html run it in Firefox
and then i got this error when i tried to vote for the band in any number: Firefox can’t find the file at /home/user/Desktop/v.php?PHPSESSID=abcaeadfc31a5c43b2534bf995c0553f&id=3&vote=3
I change the 3 at the end and voila!!!
Comment by Esteban — June 14, 2008 @ 12:04 am
http://www.hackthissite.org/missions/realistic/1/v.php?PHPSESSID=abcaeadfc31a5c43b2534bf995c0553f&id=3&vote=“6-~”
just put ur number more than 6 in vote=….
cause number 1 till 5 is number’s of vote so u could direct to http://www.hackthissite.org/missions/realistic/1/index.php
Comment by alan — July 9, 2008 @ 2:44 pm
Oops. That didn’t show.
Well, under ” option value=”4″ “, copy that code and past it below. Change 4 to 2000.
Then follow what I posted above.
Comment by Amanda — August 10, 2008 @ 7:29 pm