Does that mean that all it takes to prevent this is a type conversion to string then?
also, is there code you could type that would tell the script to interpret your command as a command no matter what?
Basic Mission 7
Forum rules
DO NOT POST ANSWERS OR SPOILERS! [IE: Mission Links, Mission File Names/Pages, Scripts, etc.]
Posting these will result in warnings/bans!
DO NOT POST ANSWERS OR SPOILERS! [IE: Mission Links, Mission File Names/Pages, Scripts, etc.]
Posting these will result in warnings/bans!
Re: Basic Mission 7
by KthProg on Mon Jan 28, 2013 7:46 pm
([msg=72822]see Re: Basic Mission 7[/msg])
-
KthProg - Poster
- Posts: 219
- Joined: Wed Jan 23, 2013 7:06 pm
- Blog: View Blog (0)
Re: Basic Mission 7
by fashizzlepop on Mon Jan 28, 2013 7:53 pm
([msg=72827]see Re: Basic Mission 7[/msg])
No. You should still sanitize input.KthProg wrote:Does that mean that all it takes to prevent this is a type conversion to string then?
also, is there code you could type that would tell the script to interpret your command as a command no matter what?
Nope. It depends solely on the code in the backend that doesn't sanitize input. That's what allows vulns.
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.
-
fashizzlepop - Moderator
- Posts: 2147
- Joined: Sat May 24, 2008 1:20 pm
- Blog: View Blog (0)
Re: Basic Mission 7
by 19r3ka on Thu Jan 31, 2013 11:05 pm
([msg=73107]see Re: Basic Mission 7[/msg])
orwell84 wrote:Think of the input box for the year as one line of code. The year is one piece of code. It's probably taken and put through a function to give the calendar. However, you want to execute another command. As you may have learned, you can't put just the command you want in the box--it only works if you put in a year. What you have to do is make both happen at once. How?
(if you're still stuck, read my first sentence again)
It took me 2 years (OK I totally forgot about this brain teasing missions for more than a year) but I finally saw the light. My fellow noobs, all you need is in this wise lines. So take the red pill, rest your eyes and open your mind to see codes.
<-- that's my Morpheos smiley, right there.- 19r3ka
- New User
- Posts: 1
- Joined: Thu Jan 31, 2013 10:59 pm
- Blog: View Blog (0)
Re: Basic Mission 7
by 1njustice on Fri Feb 01, 2013 7:28 am
([msg=73140]see Re: Basic Mission 7[/msg])
Try literally googling - running-multiple-unix-commands.
First link, smashed it within a minute after reading this. I noticed people saying you don't need to enter a date in order for the cal to respond, I however used a date. Works either way it would seem.
Hope this helps!
First link, smashed it within a minute after reading this. I noticed people saying you don't need to enter a date in order for the cal to respond, I however used a date. Works either way it would seem.
Hope this helps!
-
1njustice - New User
- Posts: 23
- Joined: Fri Feb 01, 2013 7:26 am
- Blog: View Blog (0)
Re: Basic Mission 7
by hoxtonspecial on Mon Feb 04, 2013 3:40 pm
([msg=73399]see Re: Basic Mission 7[/msg])
GaRRR! Took me a while to get this one!
Can't believe it was so obvious!
Can't believe it was so obvious!
- hoxtonspecial
- New User
- Posts: 9
- Joined: Mon Jan 28, 2013 7:50 am
- Blog: View Blog (0)
Re: Basic Mission 7
by occamsrzr on Tue Feb 19, 2013 5:12 pm
([msg=73900]see Re: Basic Mission 7[/msg])
Pfft....I'm retarded....I already completed this mission about a year ago, took year break from the site and I'm going back through it....good thing, cuz it took me two days to complete this mission...
Yeah, Windows command prompt commands don't work *nix
Yeah, Windows command prompt commands don't work *nix
- occamsrzr
- New User
- Posts: 47
- Joined: Wed Aug 24, 2011 10:28 pm
- Blog: View Blog (0)
Re: Basic Mission 7
by W_i_l_l_i_a_m_s_o_n on Wed Feb 27, 2013 4:26 am
([msg=74230]see Re: Basic Mission 7[/msg])
Wow. I feel so stupid. I figured it out. I was 'over thinking' that just a little
- W_i_l_l_i_a_m_s_o_n
- New User
- Posts: 1
- Joined: Wed Feb 27, 2013 4:23 am
- Blog: View Blog (0)
Re: Basic Mission 7
by mutsop on Tue Mar 05, 2013 3:14 am
([msg=74364]see Re: Basic Mission 7[/msg])
Found it!!!! Thanks to "orwell84"'s post.
Quite alot of fun
Quite alot of fun
- mutsop
- New User
- Posts: 1
- Joined: Tue Mar 05, 2013 3:13 am
- Blog: View Blog (0)
Re: Basic Mission 7
by wizd00m on Tue Mar 26, 2013 10:45 pm
([msg=74773]see Re: Basic Mission 7[/msg])
So i've found the right command by searching around a bit. No idea why this command even works in the first place. But even though i was able to put together two commands and get it the program to show me whats happening i cannot find the password. Any chance someone could PM me to discuss this? I am pretty sure my command is right because I was able to get out of the cal program. I just don't really know what it is I am doing here.
EDIT: Ok so i've found the obscurely named file and my idea is to vim the file so that i can look at its contents but this is not working
EDIT: Ok so i've found the obscurely named file and my idea is to vim the file so that i can look at its contents but this is not working
- wizd00m
- New User
- Posts: 6
- Joined: Tue Mar 26, 2013 9:44 pm
- Blog: View Blog (0)
Re: Basic Mission 7
by limdis on Tue Mar 26, 2013 11:13 pm
([msg=74775]see Re: Basic Mission 7[/msg])
Sure, PM me. Make another post though, you'll need 2 before you can PM.
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."
"Drink all the booze, hack all the things."
-
limdis - Moderator
- Posts: 975
- Joined: Mon Jun 28, 2010 5:45 pm
- Blog: View Blog (0)
Who is online
Users browsing this forum: No registered users and 0 guests