Security Corner

Oct 28 2009   12:15AM GMT

Hacking Skills Challenge – Level 7

Ken Harthun Ken Harthun Profile: Ken Harthun

Once again it’s a slow security news week, so time to tackle the next hacking skills challenge level. So far, we’ve explored the first 6 basic missions at The difficulty level is supposed to increase at each level, but this one is only difficult if you don’t know Linux. Here’s the challenge:

The password is hidden in an unknown file, and Sam has set up a script to display a calendar. Requirements: Basic UNIX command knowledge.

This time Network Security Sam has saved the unencrypted level7 password in an obscurely named file saved in this very directory.

In other unrelated news, Sam has set up a script that returns the output from the UNIX cal command.

This one is so easy you don’t even have to look at the source code. But you do have to know about chaining commands in Unix.

If you enter a year, you’ll get a full 12-month calendar with all weeks beginning on Sunday displayed on the resulting output page. This is default behavior of the cal command. It looks like all the script does is execute the command, taking your input as a parameter.  We can prove this by leaving the field blank; the script returns the current month and year, i.e., default behavior.

The key to cracking this one is the phrase “…obscurely named file saved in this very directory.” We know the permissions are good to run commands on that directory, so let’s just chain the ls — list directory contents — command and see what happens. (You chain commands in Linux using && between them.) Enter the following in the text box: && ls and click the View button. Here’s the output:

       October 2009
Mon Tue Wed Thu Fri Sat Sun
              1   2   3   4
  5   6   7   8   9  10  11
 12  13  14  15  16  17  18
 19  20  21  22  23  24  25
 26  27  28  29  30  31



Looks to me like k1kh31b1n55h.php is our file. Stick it in the URL and open it up. Voila! The password, f866d6b9, is revealed.

Mission accomplished!

1  Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.
  • satish15
    what is the effect of && before ls command?
    10 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: