What is it? @.@

Here is the place where I record some tactics about wargame, systems, and other security issues.

2014-01-23

OverTheWire - Bandit - Level 9 to Level 10

Description:

Level Goal
The password for the next level is stored in the file data.txt among of few lines of human-readable strings starting with '=' characters.
Commands you may need to solve this level
grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd
Solution:
  1. [Comment] Using SSH to connect the server
  2. sp@simple-plan:~|=> ssh bandit9@bandit.labs.overthewire.org
    ...
    bandit9@bandit.labs.overthewire.org's password: UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR
  3. [Comment] Using ls command to list directory contents
  4. bandit9@melinda:~$ ls
    data.txt
  5. [Comment] Using strings command to discard non-printable characters in files
  6. [Comment] Using grep command to search the targets
  7. bandit9@melinda:~$ strings data.txt | grep "="
    Rj=G
    ========== the
    =qy9g
    ,========== passwordc
    ========== is
    =9-5
    O=p~
    #r=t!
    7e}=eG
    ========== truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk
    uXI/{I=VPO=
    6'Q|_=Vt
    :={!
    yd=6
  8. [Comment] Using exit command to disconnect connection to server
  9. bandit9@melinda:~$ exit
    logout
    Connection to bandit.labs.overthewire.org closed.
  10. [Comment] It's done! Saving the password for next level.
Reference:
sshhttp://linuxcommand.org/man_pages/ssh1.html
lshttp://linuxcommand.org/man_pages/ls1.html
cathttp://linuxcommand.org/man_pages/cat1.html
exithttp://linuxcommand.org/man_pages/exit1.html
cdhttp://linuxcommand.org/lc3_man_pages/cdh.html
findhttp://linuxcommand.org/man_pages/find1.html
grephttp://linuxcommand.org/lc3_man_pages/grep1.html
sorthttp://linuxcommand.org/lc3_man_pages/sort1.html
uniqhttp://linuxcommand.org/man_pages/uniq1.html
stringshttp://linuxcommand.org/man_pages/strings1.html
Posted by at Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)