Network Security sam Help!
I finally hit a brick wall on these basic tasks!! Here's the lowdown: this task is from a site called "Hack this site" (perfectly legal) and it's used as a training ground for practicing your knowledge of web architecture... but I'm stuck on task 7. If anyone could give me a push in the right direction it would be great :)
This time Network Security sam has saved the unencrypted level7 password in an obscurely named file saved in this very directory.
In other unrelated news, Sam has set up a script that returns the output from the UNIX cal command. Here is the script:
There is a little box where I can enter a year. I'll put in 1997 and I get a calendar of that year like so
January 1997
Mon Tue Wed Thu Fri Sat Sun
1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31
This goes all the way to December..
So I know I need to use a unix command but am stumped on which one to use. I have looked up a unix bible and couldn't find anything.
Below is the page source
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Hack This Site!</title>
<meta name="verify-v1" content="s/YXn7eQrMBoF9PL5jLJDiWpAxEXpJzE9JLg/zM4C2Y=" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta name="Author" content="HackThisSite.org Crew." />
<meta name="Description" content="HackThisSite! is a legal and safe network security resource where users test their hacking skills on various challenges and learn about hacking and network security. Also provided are articles, comprehensive and active forums, and guides and tutorials. Learn how to hack!" />
<meta name="KeyWords" content="hack, hackers, wargame, war, games, hacking, security, computer, web, root, website, mission, challenge, radical, revolution, digital, site, deface, tutorial, guide, wargames, hacker, culture, ethics, society, net, hacking challenges, programming, tutorials, hacking forums, hack forums" />
<link rel="icon" href="/favicon.ico" type="image/x-icon" />
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link href="/templates/default/green.css" rel="stylesheet" type="text/css" />
<link href="/pages/hts.rss.php" rel="alternate" type="application/rss+xml" title="HTS RSS feed" />
<base href="http://www.hackthissite.org/" />
</head>
<body>
<div id="topbar" align="center">
<a href="/" id="active">HackThisSite</a> -
<a href="http://www.rootthisbox.org">RootThisBox</a> -
<a href="http://www.criticalsecurity.net">Critical Security</a>
</div>
<div align="center" >
<table border="0" cellpadding="0" cellspacing="0" class="siteheader" >
<tr>
<td><a href="/"><img src="/templates/default/images/header.jpg" alt="Header Logo"
border="0" /></a></td><td>
<script language='JavaScript' type='text/javascript'>
<!--
//Preventing framing to get ad mone-added by SS
if (window != top) top.location.href = location.href;
if (!document.phpAds_used) document.phpAds_used = ',';
phpAds_random = new String (Math.random()); phpAds_random = phpAds_random.substring(2,11);
document.write ("<" + "script language='JavaScript' type='text/javascript' src='");
document.write ("http://admin.hackthissite.org/ads/adjs.php?n=" + phpAds_random);
document.write ("&what=zone:1");
document.write ("&exclude=" + document.phpAds_used);
if (document.referer)
document.write ("&referer=" + escape(document.referer));
document.write ("'><" + "/script>");
//-->
</script></td>
</tr>
</table><br />
<table width="780" border="0" cellpadding="0" cellspacing="0" class="siteheader">
<tr>
<td class="sitetopheader"><img src="/images/quoteheader.php" alt="Header Fill" width="780" /></td>
</tr>
<tr>
<td><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="160" valign="top" class="navbar"><div align="center">
<br />
<div>Hello, <a href="/user/view/MendedAuto/">MendedAuto</a><br />
<a href="/user/edit/191496/">Settings</a> - <a href="/?logout">Logout</a><br /><br /><a class="nav" href="/user/themes/"> Skin Chooser</a><br /><br />
<a class="nav" href="/pages/messages/msys/">Messages Center</a><br />
You have 0 messages.<br /></div>
<!-- <a href="http://radio.hackthissite.org">HTS Liberation Radio</a> -->
<h4 class="header">Challenges</h4>
<ul class="navigation">
<li><a class="nav" href="missions/basic/"><font class="incomplete">Basic missions</font></a><li><a class="nav" href="missions/realistic/"><font class="incomplete">Realistic missions</font></a><li><a class="nav" href="missions/application/"><font class="incomplete">Application missions</font></a><li><a class="nav" href="missions/programming/"><font class="incomplete">Programming missions</font></a><li><a class="nav" href="missions/logic/"><font class="incomplete">Logic missions</font></a><li><a class="nav" href="missions/extbasic/"><font class="incomplete">Extbasic missions</font></a><li><a class="nav" href="missions/javascript/"><font class="incomplete">Javascript missions</font></a>
</ul>
<h4 class="header">Get Informed</h4>
<ul class="navigation">
<li><a class="nav" href="/">News</a></li>
<li><a class="nav" href="/articles/">Articles</a></li>
<li><a class="nav" href="/lectures/">Lectures</a></li>
<li><a class="nav" href="/programs/programs.php">Useful Stuff</a></li>
<!--<li><a class="nav" href="/ebooks/">E-Books</a></li>-->
<!-- <li><a class="nav" href="http://www.disrespectcopyrights.net">Disrespect Copyrights</a></li>-->
<li><a class="nav" href="http://hackbloc.org/?action=zine">HackThisZine</a></li>
</ul>
<h4 class="header">Get Involved</h4>
<ul class="navigation">
<li><a class="nav" href="/pages/bugManagement/index.php">Submit Bug Report</a></li>
<li><a class="nav" href="/submit/article/">Submit Article</a></li>
<li><a class="nav" href="/submit/lecture/">Submit Lecture</a></li>
</ul>
<h4 class="header">Communicate</h4>
<ul class="navigation">
<li><a class="nav" href="http://criticalsecurity.net">Forums</a></li>
<li><a class="nav" href="http://qdb.hackthissite.org">IRC Quotes</a></li>
<li><a class="nav" href="/user/search/">Search Users</a></li>
<li><a class="nav" href="/user/online/">Who is online</a></li>
<li><a class="nav" href="/user/rankings/">Rankings</a></li>
<li><a class="nav" href="/pages/irc/irc.php">IRC Chat</a></li>
<li><a class="nav" href="/pages/irc/reference.php">IRC Command Reference</a></li>
</ul>
<!--<h4 class="header">Root This Box</h4>
<ul class="navigation>
<li><a class="nav" href="http://www.rootthisbox.org/pages/info/">About the project</a></li>
<li><a class="nav" href="http://www.rootthisbox.org/pages/scoreboard/">Scoreboard</a></li>
<li><a class="nav" href="http://www.rootthisbox.org/pages/boxes/boxes/">View boxes</a></li>
<li><a class="nav" href="http://www.rootthisbox.org/pages/boxes/submit.php">Submit a box</a></li>-->
</ul>
<div class="header">about HTS</div>
<p><a class="nav" href="/pages/info/guide.php">About the Project</a><br />
<a class="nav" href="/pages/info/billofrights.php">Bill of Rights</a><br />
<a class="nav" href="/pages/info/legal.php">Legal Disclaimer</a><br />
<a class="nav" href="/pages/info/passusaround.php">Pass us around!</a><br />
<a class="nav" href="/pages/info/staff.php">Meet the Staff!</a><br />
<a class="nav" href="/advertise/">Advertise with HTS</a>
<br />
<a class="nav" href="/hof/">Hall of Fame</a><br />
<br />
<a href="http://www.spreadfirefox.com/?q=affiliates&id=0&t=218"><img border="0" alt="Firefox 2" title="Firefox 2" src="http://sfx-images.mozilla.org/affiliates/Buttons/firefox2/ff2o80x15.gif"/></a></a><br />
<br />
<a href="/"><img src="../../images/hts_80x15_2.gif" width="80" height="15" border="0" alt="" /></a><br />
<a class="nav" href="/pages/info/linktous.php">Link to us!</a></p>
<p><b>partners</b><br /><br />
<a class="nav" href="http://www.hackbloc.org/"><img src="/images/linkhb.gif" border="0" alt="Hackbloc" width="88" height="31" /></a><br /><br />
<a class="nav" href="http://www.hellboundhackers.org/"><img src="images/hbhlogo.jpg" width="88" height="31" border="0" alt="Hellbound Hackers" /></a><br /><br />
<a class="nav" href="http://www.hack4u.org"><img src="images/hack4u.jpg" width="88" height="31" border="0" alt="Hack4u Challenges" /></a><br /><br />
<a class="nav" href="http://www.e-hack.org"><img src="images/88x31/e-hack.gif" width="88" height="31" border="0" alt="E-Hack.org, Turkish hackers zine" /></a><br /><br />
<a class="nav" href="http://www.undergroundsystems.org"><img src="http://www.undergroundsystems.org/images/animuslinkbutton.gif" width="88" height="31" border="0" alt="UndergroundSystems" /></a><br /><br />
<a class="nav" href="http://phoenix-network.org">phoenix free shells</a><br />
<a class="nav" href="http://hackergames.net/in.php?ID=199">hackergames.net</a><br />
<a class="nav" href="http://www.pulltheplug.org">PullThePlug</a><br />
<a class="nav" href="http://iptagger.com">IP
and again...
Tagger</a><br />
<a class="nav" href="http://downloadfirefox.ws">Firefox</a><br />
</p>
<br /><br />
</td>
<td valign="top" class="sitebuffer">
<br />
<br /><center>
<center><table border="0" width="80%" cellspacing="0" cellpadding="0">
<tr>
<td class="dark-td"><h2>Notice</h2></td>
</tr>
<tr>
<td class="light-td">You have already completed this level.<br /></td>
</tr>
</table></center>
<br><center><b>Level 7</b></center><br /><br />This time Network Security sam has saved the unencrypted level7 password in an obscurely named file saved in this very directory.<br /><br />In other unrelated news, Sam has set up a script that returns the output from the UNIX cal command. Here is the script:<br /><br />Enter the year you wish to view and hit 'view'.<br />
<form action="/missions/basic/7/cal.pl" method="post">
<input type="text" name="cal" />
<input type="submit" value="view" />
</form>
<br /><br /><center><b>Password:</b><br />
<form action="/missions/basic/7/index.php" method="post">
<input type="password" name="password"><br /><br />
<input type="submit" value="submit"></form>
</td>
</tr>
</table></td>
</tr>
<tr>
<td class="sitebottomheader"><img src="/images/hts_bottomheadern.jpg" alt="End Footer" width="780" height="60" /></td>
</tr>
</table>
<br />
<div align="center" style="font-family:Verdana, Arial, Helvetica, sans-serif; font-size:10px; color:#CCCCCC">This site is the collective work of the
HackThisSite staff. Please don't reproduce in part or whole without permission.<br />
Page Generated: Mon, 22 Oct 2007 18:34:49 +0000 Exec:
96</div>
</div>
<div align="center">
<p>
<a href="http://validator.w3.org/check?uri=referer"><img src="../../images/xhtml10.png" width="80" height="15" border="0" alt="" /></a>
<a href="http://jigsaw.w3.org/css-validator/check/referer"><img src="../../images/css.png" width="80" height="15" border="0" alt="" /></a>
<a href="http://www.php.net/"> <img src="../../images/phppow.gif" width="80" height="15" border="0" alt="" /></a>
<a href="http://www.linux.com/"> <img src="../../images/linux2.gif" width="80" height="15" border="0" alt="" /></a>
</p>
<a href="http://t.extreme-dm.com/?login=hackts"target="_top">
<img src="http://t1.extreme-dm.com/i.gif" name="EXim" border="0" height="38" width="41" alt="eXTReMe Tracker" /></a>
<script type="text/javascript" language="javascript1.2"><!--
EXs=screen;EXw=EXs.width;navigator.appName!="Netscape"?
EXb=EXs.colorDepth:EXb=EXs.pixelDepth;//-->
</script>
<script type="text/javascript"><!--
var EXlogin='hackts' // Login
var EXvsrv='s9' // VServer
navigator.javaEnabled()==1?EXjv="y":EXjv="n";
EXd=document;EXw?"":EXw="na";EXb?"":EXb="na";
EXd.write("<img src=http://e0.extreme-dm.com",
"/"+EXvsrv+".g?login="+EXlogin+"&",
"jv="+EXjv+"&j=y&srw="+EXw+"&srb="+EXb+"&",
"l="+escape(EXd.referrer)+" height=1 width=1>");//-->
</script>
<noscript>
<img height="1" width="1" alt="" src="http://e0.extreme-dm.com/s9.g?login=hackts&j=n&jv=n" />
</noscript>
</div>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-2391176-1";
urchinTracker();
</script>
</body>
</html>
merrifield69
10-25-2007, 11:46 AM
In this mission it is using cal commands, which is a form of unix. Try this "1337 && ls" without the "'s; this will show you the directory of the server
In this mission it is using cal commands, which is a form of unix. Try this "1337 && ls" without the "'s; this will show you the directory of the server
Thanks for the help merrifield, but we're not done yet.. when I entered the cal command it brought me to the year 1337.. but at the bottom of the page I noticed it had
.
..
.htaccess
cal.pl
index.php
k1kh31b1n55h.php
level7.php
This was never on any of the other entries... what can you tell me about this?
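Why a file listing showed up under the calendar, and how the form handler would be written so it cannot, as an added example that is not part of the thread and not the site's code. The source of cal.pl is not shown on the page, so the "before" function is a hypothetical reconstruction (in Python rather than Perl) of a handler that pastes the `cal` form field into a shell command; all function names are assumptions.

```python
import re
import shutil
import subprocess

# cal accepts years 1..9999, so allow 1-4 ASCII digits and nothing else.
YEAR_RE = re.compile(r"[0-9]{1,4}")


def vulnerable_command(year_field):
    """Hypothetical 'before': the form field is pasted into a shell string.

    The string is only returned here, never executed. Handed to a shell,
    anything after the year is parsed as shell syntax instead of data,
    which is why extra output appeared below the calendar.
    """
    return "cal " + year_field


def safe_cal_argv(year_field):
    """'After': allow-list the value, then build an argv list (no shell)."""
    value = year_field.strip()
    if not YEAR_RE.fullmatch(value) or int(value) == 0:
        raise ValueError("year must be a number from 1 to 9999")
    return ["cal", value]


def render_calendar(year_field):
    """Run cal directly; the year is a single argv element, never parsed."""
    argv = safe_cal_argv(year_field)
    if shutil.which(argv[0]) is None:
        return "(cal is not installed on this machine)"
    done = subprocess.run(argv, capture_output=True, text=True,
                          timeout=5, check=True)
    return done.stdout


if __name__ == "__main__":
    for field in ("1997", "1337 && ls"):  # the two inputs quoted in the thread
        print("shell string:", repr(vulnerable_command(field)))
        try:
            print("argv list:  ", safe_cal_argv(field))
        except ValueError as err:
            print("rejected:   ", err)
```

Validation and shell-free execution are independent controls: the allow-list rejects the input, and the argv list means that even a value that slipped through would reach cal as one literal argument.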