본문 바로가기

Wargame

 (50)
[ Docker ] Bandit Wargame 만들기 - 16번 문제 ( 17 / 33 ) 1. Bandit16 목표The credentials for the next level can be retrieved by submitting the password of the current level to a port on localhost in the range 31000 to 32000. First find out which of these ports have a server listening on them. Then find out which of those speak SSL and which don’t. There is only 1 server that will give the next credentials, the others will simply send back to you whateve..
[ Docker ] Bandit Wargame 만들기 - 15번 문제 ( 16 / 33 ) 1. Bandit15 목표The password for the next level can be retrieved by submitting the password of the current level to port 30001 on localhost using SSL encryption.Helpful note: Getting “HEARTBEATING” and “Read R BLOCK”? Use -ign_eof and read the “CONNECTED COMMANDS” section in the manpage. Next to ‘R’ and ‘Q’, the ‘B’ command also works in this version of that command…Commands you may need to solve ..
[ Docker ] Bandit Wargame 만들기 - 14번 문제 ( 15 / 33 ) 1. Bandit14 목표The password for the next level can be retrieved by submitting the password of the current level to port 30000 on localhost.Commands you may need to solve this levelssh, telnet, nc, openssl, s_client, nmap 2. Bandit14 구현# 비밀번호 root 입력 접속ssh -oStrictHostKeyChecking=no root@localhost -p 2220cat /tmp/bandit15_answer.c#include "stdio.h"#include "stdlib.h"#include "string.h"#include "t..
[ Docker ] Bandit Wargame 만들기 - 13번 문제 ( 14 / 33 ) 1. Bandit13 목표The password for the next level is stored in /etc/bandit_pass/bandit14 and can only be read by user bandit14.For this level, you don’t get the next password, but you get a private SSH key that can be used to log into the next level. Note: localhost is a hostname that refers to the machine you are working onCommands you may need to solve this levelssh, telnet, nc, openssl, s_client,..
[ Docker ] Bandit Wargame 만들기 - 12번 문제 ( 14 / 33 ) 1. Bandit12 목표The password for the next level is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it may be useful to create a directory under /tmp in which you can work. Use mkdir with a hard to guess directory name. Or better, use the command “mktemp -d”. Then copy the datafile using cp, and rename it using mv (read the manpages!)Com..
[ Docker ] Bandit Wargame 만들기 - 11번 문제 ( 13 / 33 ) 1. Bandit11 목표The password for the next level is stored in the file data.txt, where all lowercase (a-z) and uppercase (A-Z) letters have been rotated by 13 positionsCommands you may need to solve this levelgrep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd 2. Bandit11 구현# 비밀번호 root 입력 접속ssh -oStrictHostKeyChecking=no root@localhost -p 2220chown -R root:root /home/bandit11/.[!.]*echo Gu..
[ Docker ] Bandit Wargame 만들기 - 10번 문제 ( 12 / 33 ) 1. Bandit10 목표The password for the next level is stored in the file data.txt, which contains base64 encoded dataCommands you may need to solve this levelgrep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd 2. Bandit10 구현# 비밀번호 root 입력 접속ssh -oStrictHostKeyChecking=no root@localhost -p 2220chown -R root:root /home/bandit10/.[!.]*echo VGhlIHBhc3N3b3JkIGlzIElGdWt3S0dzRlc4TU9xM0lSRnFyeEUxaHh..
[ Docker ] Bandit Wargame 만들기 - 9번 문제 ( 11 / 33 ) 1. Bandit9 목표The password for the next level is stored in the file data.txt in one of the few human-readable strings, preceded by several ‘=’ characters.Commands you may need to solve this levelgrep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd 2. Bandit9 구현# 문제의 파일이 크기 때문에 해당 파일을 첨부하였다.# Bandit의 경우 관리자가 주기적으로 비밀번호를 변경하고 있다.# 하여 해당 파일을 다운로드 하는 방법만 설명하고 첨부된 파일 링크를 통해 구현을 진행하면 된다.# 비밀번호 ..

티스토리툴바