Basic Mission 8 Solution

Rendering Error in layout Widget/Social: Call to a member function exists() on null. Please enable debug mode for more information.
4 years 10 months ago #75 by thaGH05T
This is the eighth basic mission that can be found at Hack This Site . Please use this as a reference or to help you when you get stuck. This is not intended for people to just breeze on by the missions. Besides, what's the fun in that???

Scenario - Sam remains confident that an obscured password file is still the best idea, but he screwed up with the calendar program. Sam has saved the un-encrypted password file in /var/www/ However, Sam's young daughter Stephanie has just learned to program in PHP. She's talented for her age, but she knows nothing about security. She recently learned about saving files, and she wrote a script to demonstrate her ability.

This is a bit harder because it requires knowledge of SSI (Server Side Includes) and SSI Injection. You need to go ahead and look that up to understand this next one. But where the girl failed at was not sanitizing user input. The command to use in the form she created is '<!--#exec cmd="ls ../"-->'. So you may copy everything between the single quotes there and submit it. Then just click the link to see the directory output. You will see the obfuscated file au12ha39vc.php and I am sure you know what to do after that.

Warning: Spoiler! [ Click to expand ]
The topic has been locked.

Who's Online

We have 261 guests and no members online


  • asish-mishra
  • Ateequeahmed
  • microsoftsux
  • Mikeo419
  • adedayo924