Description: DNS Lookup
This challenge is command line injection (you must know linux command line), when you input address 127.0.0.1 for example in the fill form, you will get output
Look the ;127.0.0.1 lines, ‘;‘ indicates you can input 2 command in a times explain by the source code below
DNS Lookup "; $cmd = ($_POST['dig']); system("dig mx " . $cmd ); echo " "; die; } ?>
let’s try it ‘127.0.0.1; ls -a’ (without qoute) or you can just use “;Unix/linux comand line” in the DNS Lookup form.
You can use Repeater in burpsuite without using the browser.
there is a .hey file, lets look what is it, it is a ascii files, open in a browser using the link http://ctf.infosecinstitute.com/levelfifteen/.hey it contain
I can’t find the flag in this challenge.
I’m clueless with this challenge, and then there’s a bit cheating in this, I accidentally found this solution in one of the ctf n00bs write-up, that string above is ATOM-128 Encoding. So using online decoding tools, you found the flag.
The flag is: infosec_flagis_rceatomized
Reference and Tools:
1. BurpSuite – http://portswigger.net/burp/
2. Command Execution – http://resources.infosecinstitute.com/command-execution/
3. Atom-128 – http://stackoverflow.com/questions/8771179/how-to-explain-atom-128-encrypt
4. Encoding tools for Atom-128 – http://crypo.in.ua/tools/eng_atom128c.php
PS: I feel this level is not my work, but I post anyway 😀