Basic Mission 8

Learn new things
Forum rules
DO NOT POST ANSWERS OR SPOILERS! [IE: Mission Links, Mission File Names/Pages, Scripts, etc.]

Posting these will result in warnings/bans!

Re: Basic Mission 8

Post by not_essence2 on Fri Nov 16, 2012 9:38 pm

One of the more annoying quirks of the mission. Technically you should be done, but, "security reasons".


Re: Basic Mission 8

Post by moridin666 on Mon Dec 10, 2012 11:45 pm

Okay... so. I am not new to shell scripting. I've gotten far enough to start injecting commands via SSI, however, unlocking the correct possibility is insane.

It was pretty easy to get to the list of shtml files saved by Sam's daughter's script once I learned a bit about SSI.
Accessing the correct directory is the problem.
Originally, I started out trying to separate my commands, as in basic 7, and attempting to string together easy commands. I tried changing directories to the given directory and then printing its contents. No dice. Security reasons (like somebody who leaves this exploit open would prevent me from using all available commands in my unix toolbox, right? but no dice). I tried opening the file directly, guessing at a name of password.php because Sam doesn't seem like a creative type, but of course, without a client side program to open it, it's not going to open, but either way, no dice, command disabled. I tried to have the shell print the contents of the file (guessing at the name again, same guess). No dice. Command disabled. Couldn't print the contents of the given directory to find the name of the file either.

Considering that I know what I am doing enough with shell scripting to know a variety of ways to attempt to get this and all of them are disabled, despite me being encouraged to try to use creative methods to get this file... it's discouraging! Any hints at all that are useful beyond what I already know? Or is it just a matter of trying every possible permutation in the man pages?


Re: Basic Mission 8

Post by not_essence2 on Tue Dec 11, 2012 6:33 pm

Somewhere on this thread there was a website that explained SSI, and it had the general command you needed to get in, although you had to customize it a bit before it was correct. Anyways, it's like a search engine. A search engine lists everything it can find in its files.


Re: Basic Mission 8

Post by LoGiCaL__ on Tue Dec 11, 2012 7:03 pm

not_essence2 wrote: Somewhere on this thread there was a website that explained SSI, and it had the general command you needed to get in, although you had to customize it a bit before it was correct. Anyways, it's like a search engine. A search engine lists everything it can find in its files.


Check this first post in this link by Monica. Gives a pretty good run down on SSI:

http://www.hackthissite.org/forums/viewtopic.php?f=14&t=2916


Re: Basic Mission 8

Post by moridin666 on Tue Dec 11, 2012 7:27 pm

Thank you for the direction. I will refocus my efforts.


Re: Basic Mission 8

Post by Threethumb on Sun Dec 16, 2012 8:21 am

Okay, so I've come to a point where I figured out how to make the script run a command of my own choice by using SSI commands... Right now I'm desperately trying to go back 2 directories by using the unix command for it, but after trying a lot of variations, that command seems disabled no matter what I do.. does this mean I have to look for a way native to SSI to go back directories, or am I just doing something wrong when I try to execute UNIX commands?


Re: Basic Mission 8

Post by weekend hacker on Sun Dec 16, 2012 9:12 am

For security reasons the challenge doesn't actually execute your code but tries to emulate that; because of this, only a very specific command would work.
Since you're trying to take a look at the files in a certain directory, try using a command that'll list the files in whatever directory you specify instead of trying to go to that directory and then listing those files.

Hope this helps without spoiling too much.


Re: Basic Mission 8

Post by Threethumb on Mon Dec 17, 2012 7:56 am

weekend hacker wrote: For security reasons the challenge doesn't actually execute your code but tries to emulate that, because of this only a very specific command would work.
Since you're trying to take a look at the files in a certain directory try using a command that'll list the files in whatever directory you specify instead of trying to go to that directory and then listing those files.

Hope this helps without spoiling too much.


That does give me a few ideas, I'll test things out!

EDIT: Yeah, that did work! I was right in how I tried to specify a directory, I was just using the wrong command with it! Thinking about it now makes me facepalm, because I really should've figured that out just by thinking about it :P


Re: Basic Mission 8

Post by sys-dot-r0ar on Mon Dec 17, 2012 3:13 pm

Wow ..... so, I started to research SSI, within a few minutes I was able to determine what to do. (I already knew the commands but for some reason it just didn't click). What got me was once I was able to "see" the files I got lost lol .... if you're at this point don't overthink it. Just like many others have said, think about the Basic 3 Mission.


Re: Basic Mission 8

Post by corbonium on Wed Jan 02, 2013 11:00 pm

As a noob to hacking, and just now having completed this challenge, I'm finding all of this to be pretty hilarious and scary at the same time.

This one was easy, especially if you read the hint link in the first thread post. It's pretty much copypasta of a particular thing in the linked page. Took me another 10 minutes to figure out my command might not be targeted to the correct folder. *cough*hinthint*cough*

