THM How websites work - grunt92/IT-Sec-WriteUps GitHub Wiki

How websites work

What term best describes the side your browser renders a website?

Client side

Let's play with some HTML! On the right-hand side, you should see a box that renders HTML - If you enter some HTML into the box and click the green "Render HTML Code" button, it will render your HTML on the page; you should see an image of some cats.

Follow the instructions of the task

No answer needed

One of the images on the cat website is broken - fix it, and the image will reveal the hidden text answer!

Look for the cat-2 image in the HTML Code window. Its file extension is missing. Add the .jpg extension and click the "Render HTML Code" button. If done correctly, the second cat image will be displayed, including the answer to the question:

HTMLHERO

Add a dog image to the page by adding another img tag (<img>) on line 11. The dog image location is img/dog-1.png

Add the following line below the line for cat-2.jpg:

<img src='img/dog-1.png'>

Press the "Render HTML Code" button and an image of a dog will be displayed containing the answer:

DOGHTML

JavaScript

Click the "View Site" button on this task. On the right-hand side, add JavaScript that changes the demo element's content to "Hack the Planet"

Follow the instructions. In the code window, replace <div id="demo">Hi there!</div> with <div id="demo">Hack the Planet</div>. Click the "Render HTML+JS Code" button and a popup will show up giving us the answer:

JSISFUN

Add the button HTML from this task that changes the element's text to "Button Clicked" on the editor on the right, update the code by clicking the "Render HTML+JS Code" button and then click the button.

Replace the lines

<script type="text/javascript">
// add your JavaScript here
</script>

with the line

<button onclick='document.getElementById("demo").innerHTML = "Button Clicked";'>Click Me!</button>

Click the "Render HTML+JS Code" button, then click the "Click Me!" button in the "Rendered HTML Code" window. There is no flag to submit, but you should do the exercise nonetheless.

No answer needed

Sensitive Data Exposure

View the website on this task. What is the password hidden in the source code?

Open the static lab-site. By right-clicking on the "Username"-input-field and selecting the "Inspect(Q)"-option you will get the source-code of the lab-site. There you will find a comment saying:

TODO: Remove test credentials! Username: admin Password: testpasswd

This tells you the answer to the question:

testpasswd

HTML Injection

View the website on this task and inject HTML so that a malicious link to http://hacker.com is shown.

Deploy the lab-site. Enter the following code into the "What's your name?"-input-field and press the "Say Hi"-button:

<a href="http://hacker.com">name</a>

A prompt will be displayed giving you the answer to the question:

HTML_INJ3CTI0N
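
Why the input above renders as a link, and how output encoding prevents it, shown as an added example that is not part of the original write-up or the lab's code. It assumes the page builds its greeting by concatenating the name into markup; the template and all function names are hypothetical.

```javascript
// Added example. The markup template and function names are assumptions;
// the lab's real source is not shown on this page.

// Constructed sample input: the payload entered in the walkthrough above.
const PAYLOAD = '<a href="http://hacker.com">name</a>';

// Vulnerable pattern: input concatenated into markup. Once this string is
// assigned to innerHTML, the browser parses the input as HTML.
function greetingUnsafe(name) {
  return "<p>Welcome " + name + "!</p>";
}

// Characters that are significant in HTML text and quoted attribute values.
const HTML_ESCAPES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};

// Single-pass replacement, so an "&" produced by escaping is never re-escaped.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Hardened pattern: input is encoded before it reaches the markup.
// In a browser, assigning the raw input to element.textContent instead of
// innerHTML has the same effect without manual escaping.
function greetingSafe(name) {
  return "<p>Welcome " + escapeHtml(name) + "!</p>";
}

// Rough count of the tags present in the generated markup.
function countTags(html) {
  return (html.match(/<\/?[a-zA-Z][^>]*>/g) || []).length;
}

function demo() {
  for (const [label, render] of [["unsafe", greetingUnsafe], ["safe", greetingSafe]]) {
    const html = render(PAYLOAD);
    console.log(label.padEnd(6), countTags(html), "tags:", html);
  }
}

demo();
```

The unsafe output contains four tags (the template's two plus the injected anchor pair), while the encoded output contains only the template's two and shows the input as literal text.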
