Hi guys.
I'm here to go for level 7 now lets get it start but i apologize u all that i posted this very late but now lets rock:
Level 7
this level says:
This time Network Security sam has saved the unencrypted level7 password in an obscurely named file saved in this very directory.
In other unrelated news, Sam has set up a script that returns the output from the UNIX cal command. Here is the script:
Step 1: Linux Basics
for this level we should know basic command of Linux if you dont know i suggest you to go for these:
https://en.wikipedia.org/wiki/List_of_Unix_commands
https://null-byte.wonderhowto.com/how-to/linux-basics/
you can use any of them but i used 2nd link to learn and 1st link to view the table.
Step 2: Main Mission
Now back to our mission, in this one, network security Sam practices security through the ignorance of hackers. as for protecting his password, he has hidden it in a script with an obscure file name, but in "unrelated" news he has made a script that returns the output of the Linux command "cal", and what this command does, is that it displays a simple calendar. This is where combining commands comes in handy.
Indeed, by appending the combining command "&&" and the UNIX command "ls" we can do a full listing of the current directory, this is the output that I got (after entering "&& ls"):
Lets Tell It Clearly:
Step 1:
see the pic:
I typed ''2015'' as a year it will show me 2015 year as you see below:
it show us this because of "cal" command
Step 2:
now see this one:
i have typed "&& Is" instead of "2015" it wont show me the year it show me this:
Step 3:
if you see highlighted text and 3 others it means you did right now it's time to copy highlighted text and paste it in the end of the URL instead of "cal.pl"
Step 4:
you see a string that is the pass we want go back to the level 7 page and enter it to the pass input-box you should see this
Extras
You may ask what are 3 others that I said lets explain it:
cal.pl
this is the page that i attached the pic here it is:
index.php
it's the main page which you enter the pas or && Is
level7.php
The correct file is cal.pl - this file exists for consistency purposes and is NOT part of the mission.
it will show you that
In My Next Post
in near future i will tell you about mission 8 remember that for level 8 to 11 you should know Linux basics which OTW told everything about it in this link
Just updated your iPhone to iOS 18? You'll find a ton of hot new features for some of your most-used Apple apps. Dive in and see for yourself:
2 Comments
I was waiting for Part 3 for long lol xD
wait for part 4 dude!
Share Your Thoughts