Level Goal
The password for the next level can be retrieved by submitting the password of the current level to port 30001 on localhost using SSL encryption.Commands you may need to solve this level
Helpful note: Getting "HEARTBEATING" and "Read R BLOCK"? Use -quiet and read the "CONNECTED COMMANDS" section in the manpage. Next to 'R' and 'Q', the 'B' command also works in this version of that command...
ssh, telnet, nc, openssl, s_client, nmapHelpful Reading Material
Secure Socket Layer/Transport Layer Security on WikipediaSolution:
Testing SSL with commandline tools
- [Comment] Using SSH to connect the server
- sp@simple-plan:~|=> ssh bandit15@bandit.labs.overthewire.org
...
bandit15@bandit.labs.overthewire.org's password: BfMYroe26WYalil77FoDi9qh59eK5xNr - [Comment] Using openssl with s_client option to establish the encrypted communication
- bandit15@melinda:~$ echo BfMYroe26WYalil77FoDi9qh59eK5xNr | openssl s_client -quiet -connect localhost:30001
depth=0 CN = localhost
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = localhost
verify return:1
Correct!
cluFn7wTiGryunymYOu4RcffSxQluehd
read:errno=0 - [Comment] Using exit command to disconnect connection to server
- bandit15@melinda:~$ exit
logout
Connection to bandit.labs.overthewire.org closed. - [Comment] It's done! Saving the password for next level.
I can't figure out why "Getting "HEARTBEATING" and "Read R BLOCK"?" is a helpful notey
ReplyDeleteThis comment has been removed by the author.
ReplyDelete