Hacker's Sandbox
Would you like to react to this message? Create an account in a few clicks or log in to continue.
Hacker's Sandbox

Support and conversations related to playing "The Hacker's Sandbox" as found on Flying Monkey Army.


You are not connected. Please login or register

after getting the shell in morbid

2 posters

Go down  Message [Page 1 of 1]

1after getting the shell in morbid Empty after getting the shell in morbid Thu Jan 01, 2015 6:28 pm

hong



I've got the shell in morbid by overflowing the buffer, and I received a mail that asks me to hack a website neongate/page?login. I have no idea. What can I do now?

2after getting the shell in morbid Empty Re: after getting the shell in morbid Fri Jan 09, 2015 1:32 am

hong



It was supposed to see :

<html><body><h1>Welcome</h1>root:" .. hash("baseball") .. ":0:0:root:/root:/bin/sh\n</body></html>

to get the username and password of next server by typing

wwwlook http://neongate/page?/etc/passwd.

However, it was not.
When I debug the wwwlook function which is in the mission-pack destiny.mis through www.lua.org/demo.html, there is an error that hash is a nil value.

3after getting the shell in morbid Empty Re: after getting the shell in morbid Thu Mar 12, 2015 12:06 pm

unix-ninja


Admin

hong wrote:It was supposed to see :

<html><body><h1>Welcome</h1>root:" .. hash("baseball") .. ":0:0:root:/root:/bin/sh\n</body></html>

to get the username and password of next server by typing

wwwlook http://neongate/page?/etc/passwd.

However, it was not.
When I debug the wwwlook function which is in the mission-pack destiny.mis through www.lua.org/demo.html, there is an error that hash is a nil value.


Sorry for the late reply. I have a new version of THS online. Can you confirm that this works for you now?

https://hackersandbox.board-directory.net

4after getting the shell in morbid Empty re: Fri Mar 27, 2015 3:19 pm

hong



Admin wrote:
hong wrote:It was supposed to see :

<html><body><h1>Welcome</h1>root:" .. hash("baseball") .. ":0:0:root:/root:/bin/sh\n</body></html>

to get the username and password of next server by typing

wwwlook http://neongate/page?/etc/passwd.

However, it was not.
When I debug the wwwlook function which is in the mission-pack destiny.mis through www.lua.org/demo.html, there is an error that hash is a nil value.


Sorry for the late reply. I have a new version of THS online. Can you confirm that this works for you now?

Thank you for replying. I've ran it and it works well. Thank you, hope there will be more missions.

Sponsored content



Back to top  Message [Page 1 of 1]

Permissions in this forum:
You cannot reply to topics in this forum