본문 바로가기
Wargame/Bandit

[ Docker ] Bandit Wargame 만들기 - 4번 문제 ( 6 / 33 )

loopinger 2024. 6. 4. 18:34

1. Bandit4 목표

The password for the next level is stored in the 
only human-readable file in the inhere directory.
Tip: if your terminal is messed up, try the “reset” command.

Commands you may need to solve this level
ls , cd , cat , file , du , find

 

2. Bandit4 구현

# 비밀번호 root 입력 접속
ssh -oStrictHostKeyChecking=no root@localhost -p 2220

chown -R root:root /home/bandit4/.[!.]*

mkdir /home/bandit4/inhere

echo koReBOKuIDDepwhWk7jZC0RTdopnAYKh > /home/bandit4/inhere/-file07

# md5sum ./-file00 을 통해 무결성확인
# 사람이 읽을수 없는 파일 생성
# 실제 bandit 에서 
# [ ls | grep -v 07 | while read result; do echo $result;base64 ./$result; done ]
# 명령어를 통해 파일들 base64 encoding 하여 가져온 내용 다시 디코딩 해줌
echo 6sKPL2AHMtKTG32mJbucckwDfjX2Z4LBhiCMlY/V0Aij | base64 --decode > /home/bandit4/inhere/-file00

echo vwHMcCxryju0sHIqAsDfCRyJLiHn3UPhyUoDCahkeCzI | base64 --decode > /home/bandit4/inhere/-file01

echo Zdkp4yMQ8Rn3BzWsFaEFDASzqnCnyVbUX5DI39evw21t | base64 --decode > /home/bandit4/inhere/-file02

echo 8Mz4uuT3aA8hVFFPzGCGNBkWImHXnKnfgnBoVJT+LOhB | base64 --decode > /home/bandit4/inhere/-file03

echo afc076/XlST0nZPFSSaOgKS/6vCvY5Cc+d6OLtEGDT+T | base64 --decode > /home/bandit4/inhere/-file04

echo inK2bAMZJNI/aOE5Bygnq6iTIXm/ZbIjjnjYT4fWPeCJ | base64 --decode > /home/bandit4/inhere/-file05

echo bHm1w8d+paFBo2bDErvGzi1Fp3um08ltmIrExPQT3JdN | base64 --decode > /home/bandit4/inhere/-file06

echo 21SAP+tpp9Rq7Z7Kw65Qo0blbPluihzXStrrzdB7ztBA | base64 --decode > /home/bandit4/inhere/-file08

echo HY1l8DAkpmluPcftXx1i3zVGFkGkUDf1CHN6upFnTlQI | base64 --decode > /home/bandit4/inhere/-file09

# bandit5 passwd 설정
useradd bandit5 && echo -e "koReBOKuIDDepwhWk7jZC0RTdopnAYKh\nkoReBOKuIDDepwhWk7jZC0RTdopnAYKh" | passwd bandit5

chmod 640 /home/bandit4/inhere/*

chown bandit5:bandit4 /home/bandit4/inhere/*

chmod 755 /home/bandit5

chown root:root /home/bandit5

exit

 

3. Bandit4 문제풀의

:: bandit4 로 설정한 패스워드를 입력하여 접속한다.
:: pIwrPrtPN36QITSp3EQaw936yaFoFgAB
ssh bandit4@localhost -p 2220

ls -la

ls -la ./inhere

cat `file ./inhere/* | grep ASCII | awk -F ":" '{ print $1 }'`
저작자표시

'Wargame > Bandit' 카테고리의 다른 글

[ Docker ] Bandit Wargame 만들기 - 6번 문제 ( 8 / 33 )  (1) 2024.06.11
[ Docker ] Bandit Wargame 만들기 - 5번 문제 ( 7 / 33 )  (0) 2024.06.04
[ Docker ] Bandit Wargame 만들기 - 3번 문제 ( 5 / 33 )  (0) 2024.06.04
[ Docker ] Bandit Wargame 만들기 - 2번 문제 ( 4 / 33 )  (1) 2024.06.04
[ Docker ] Bandit Wargame 만들기 - 1번 문제 ( 3 / 33 )  (0) 2024.06.04

'Wargame/Bandit' Related Articles

티스토리툴바