HackThisSite.org Basic Web Level 7

In this level our background information is:

This time Network Security sam has saved the unencrypted level7 password in an obscurely named file saved in this very directory.In other unrelated news, Sam has set up a script that returns the output from the UNIX cal command. Here is the script:Enter the year you wish to view and hit ‘view’.

This is a fun little level it shows how you can inject unix commands into poorly written perl scripts. What Sam has done is created an obscurely name php script that holds an unencrypted password. Sam is showing off his talent by creating a calendar program written in perl. When used correctly the perl script returns a calendar for the year you type in the text box.

Hint: You will need more than one UNIX command to pass this level. Think about how you will enter more than one command and which commands you will need to use to list the files. You will need to change directories and list the files.

I began programming in C++ when I was in college. Odd for a business major, but hey I am a Dork. After college I got a job as System Administrator. As a System Administrator I was in charge of web administration. My journey as a PHP web developer had begun. Since that time I have gained an in depth knowledge of CSS, Javascript, XML and MySQL. With changes and advances to technology I have also began learning AJAX. I started Blue Fire Development to do freelance work in my spare time.

Posted in Hacking, HackThisSite Levels