cleans up bandit responses

This commit is contained in:
waldek 2021-04-12 17:51:09 +02:00
parent ba940953bb
commit fa2f39964e
1 changed files with 80 additions and 28 deletions

View File

@ -1,20 +1,18 @@
# Notes
## Rules
* USERNAMES are somegame0, somegame1, ...
* Most LEVELS are stored in /somegame/.
* PASSWORDS for each level are stored in /etc/somegame_pass/.
It is advised to create a
working directory with a hard-to-guess name in /tmp/. You can use the
command "mktemp -d" in order to generate a random and hard to guess
directory in /tmp/. Read-access to both /tmp/ and /proc/ is disabled
so that users can not snoop on eachother.
## /tmp folder
/tmp/lolipopzalondo
It is advised to create a working directory with a hard-to-guess name in /tmp/.
You can use the command `mktemp -d` in order to generate a random and hard to guess directory in /tmp/.
Read-access to both `/tmp/` and `/proc/` is disabled so that users can not snoop on eachother.
For example: `/tmp/lolipopzalondo`
## Passwd
- bandit0 = bandit0
- bandit1 = boJ9jbbUNNfktd78OOpsqOltutMc3MY1
- bandit2 = CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9
@ -39,14 +37,47 @@ It is advised to create a
- bandit21 =
## CMD
5. find . -size 1033c
7. find / -size 33c -type f -group bandit6 -user bandit7
8. cat data.txt | sort | uniq -u
9. at data.txt | strings | grep ====
10. base64 -d data.txt
11. alias rot13="tr 'A-Za-z' 'N-ZA-Mn-za-m'" && cat data.txt | rot13
12. xxd -r data.txt reverse.tgz
### Level 5
```bash
find . -size 1033c
```
### Level 7
```bash
find / -size 33c -type f -group bandit6 -user bandit7
```
### Level 8
```bash
cat data.txt | sort | uniq -u
```
### Level 9
```bash
at data.txt | strings | grep ====
```
### Level 10
```bash
base64 -d data.txt
```
### Level 11
```bash
alias rot13="tr 'A-Za-z' 'N-ZA-Mn-za-m'" && cat data.txt | rot13
```
### Level 12
```bash
xxd -r data.txt reverse.tgz
file reverse
mv reverse reverse.gzip
gzip -d reverse.gz
@ -54,12 +85,33 @@ It is advised to create a
file data8.bin
mv data8.bin data8.gz
gzip -d data8.gz
```
14. echo 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e | nc localhost 30000
15. openssl s_client -crlf -connect localhost:30001
18. ssh bandit18@bandit.labs.overthewire.org -p 2220 cat readme
19. ./bandit20-do cat /etc/bandit_pass/bandit20
### Level 14
```bash
echo 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e | nc localhost 30000
```
### Level 15
```bash
openssl s_client -crlf -connect localhost:30001
```
### Level 18
```bash
ssh bandit18@bandit.labs.overthewire.org -p 2220 cat readme
```
### Level 19
```bash
./bandit20-do cat /etc/bandit_pass/bandit20
```
## Questions
- tr function
- nc