Click here: LEVEL 9
I remember that here I write SPOILERS!
I RECOMMEND to win the level alone, using also Google for Theory of arguments
I RECOMMEND to win the level alone, using also Google for Theory of arguments
"The password is again hidden in an unknown file. However, the script that was previously used to find it has some limitations.
Requirements: Knowledge of SSI, UNIX directory structure."
Back in the previous mission, we know that the file that is supposed to
containt our name is stored in this directory
"/var/www/hackthissite.org/html/missions/basic/8/tmp/" and we got the
directory listing of "/var/www/hackthissite.org/html/missions/basic/8/"
with this command:
<!--#exec cmd="ls .."-->
where the two dots
mean: one level up.
What we need to do is to climb another level up
(/var/www/hackthissite.org/html/missions/basic/) and list the content of
the folder named "9" (/var/www/hackthissite.org/html/missions/basic/9/)
where the file containing the password is, the SSI command will be
"<!--#exec cmd="ls ../../9/"-->"
once you submit this in the form of Level 8, you will
get the name of the file containing the password. Once done, append it
to this address "http://www.hackthissite.org/html/missions/basic/9/", and you will have:
https://www.hackthissite.org/missions/basic/9/p91e283zc3.php
===============> HTS: Basic Mission 10
Nessun commento:
Posta un commento