Hi guys.
I'm here to go for level 7 now lets get it start but i apologize u all that i posted this very late but now lets rock:
Level 7
this level says:
This time Network Security sam has saved the unencrypted level7 password in an obscurely named file saved in this very directory.
In other unrelated news, Sam has set up a script that returns the output from the UNIX cal command. Here is the script:
Step 1: Linux Basics
for this level we should know basic command of Linux if you dont know i suggest you to go for these:
https://en.wikipedia.org/wiki/List_of_Unix_commands
https://null-byte.wonderhowto.com/how-to/linux-basics/
you can use any of them but i used 2nd link to learn and 1st link to view the table.
Step 2: Main Mission
Now back to our mission, in this one, network security Sam practices security through the ignorance of hackers. as for protecting his password, he has hidden it in a script with an obscure file name, but in "unrelated" news he has made a script that returns the output of the Linux command "cal", and what this command does, is that it displays a simple calendar. This is where combining commands comes in handy.
Indeed, by appending the combining command "&&" and the UNIX command "ls" we can do a full listing of the current directory, this is the output that I got (after entering "&& ls"):
Lets Tell It Clearly:
Step 1:
see the pic:
I typed ''2015'' as a year it will show me 2015 year as you see below:
it show us this because of "cal" command
Step 2:
now see this one:
i have typed "&& Is" instead of "2015" it wont show me the year it show me this:
Step 3:
if you see highlighted text and 3 others it means you did right now it's time to copy highlighted text and paste it in the end of the URL instead of "cal.pl"
Step 4:
you see a string that is the pass we want go back to the level 7 page and enter it to the pass input-box you should see this
Extras
You may ask what are 3 others that I said lets explain it:
cal.pl
this is the page that i attached the pic here it is:
index.php
it's the main page which you enter the pas or && Is
level7.php
The correct file is cal.pl - this file exists for consistency purposes and is NOT part of the mission.
it will show you that
In My Next Post
in near future i will tell you about mission 8 remember that for level 8 to 11 you should know Linux basics which OTW told everything about it in this link
Just updated your iPhone? You'll find new emoji, enhanced security, podcast transcripts, Apple Cash virtual numbers, and other useful features. There are even new additions hidden within Safari. Find out what's new and changed on your iPhone with the iOS 17.4 update.
2 Comments
I was waiting for Part 3 for long lol xD
wait for part 4 dude!
Share Your Thoughts