Basic Mission 7 Solution


Rendering Error in layout Widget/Social: Call to a member function exists() on null. Please enable debug mode for more information.
More
4 years 10 months ago - 4 years 10 months ago #74 by thaGH05T
This is the seventh basic mission that can be found at Hack This Site . Please use this as a reference or to help you when you get stuck. This is not intended for people to just breeze on by the missions. Besides, what's the fun in that???

Scenario - This time Network Security Sam has saved the un-encrypted level7 password in an obscurely named file saved in this very directory. In other unrelated news, Sam has set up a script that returns the output from the UNIX cal command. Here is the script:

Now we are straying away a bit from the actual page code and encryption. On this page we can see that there is a script that will run to show us a calendar of our choice by taking our input. We were already told that the UNIX cal command is being used. If we hadn't we could have easily inspected the form and seen it using the cal .pl script or alternatively in the browser bar on submission. That being said, lets try to add another simple command to the mix. I used a ls to list the current directory. Now we have to remember to separate this command from the one already being run by using a semicolon. After we do this it lists the obfuscated file right below the calendar. How about we travel to that file to check it out hmm?

Warning: Spoiler! [ Click to expand ]
Last edit: 4 years 10 months ago by thaGH05T.
The topic has been locked.

Who's Online

We have 166 guests and one member online

  • user_20190825041806

N00BZ

  • arslan123
  • ldijkstra
  • erik1188
  • Berti22
  • wanderson-monteiro

Cookies