To solve this challenge you must know Directory traversal, SSI and *nix directory structure. In this mission Sam screwed up somewhere when he was trying to limit the use of SSI to the level 8 only, this is a big spoiler on how you should proceed to achieve this mission, in other words you have to use Sam’s daughter script once again to find the hidden file containing the password.
Back in the previous mission, we know that the file that is supposed to containt our name is stored in this directory “/var/www/hackthissite.org/html/missions/basic/8/tmp/” and we got the directory listing of “/var/www/hackthissite.org/html/missions/basic/8/” with this command <!–#exec cmd=”ls ..”–> where the two dots mean: one level up. What we need to do is to climb another level up (/var/www/hackthissite.org/html/missions/basic/) and list the content of the folder named “9″ (/var/www/hackthissite.org/html/missions/basic/9/) where the file containing the password is, the SSI command will be “<!–#exec cmd=”ls ../../9/”–>” once you submit this, you will get the name of the file containing the password. Once done, append it to this address “http://www.hackthissite.org/html/missions/basic/9/” (ex: http://www.hackthissite.org/html/missions/basic/9/p91e283zc3.php) and navigate to it, here you got your password 
.
