cleans up bandit responses
This commit is contained in:
parent
ba940953bb
commit
fa2f39964e
|
@ -1,20 +1,18 @@
|
|||
# Notes
|
||||
|
||||
## Rules
|
||||
* USERNAMES are somegame0, somegame1, ...
|
||||
* Most LEVELS are stored in /somegame/.
|
||||
* PASSWORDS for each level are stored in /etc/somegame_pass/.
|
||||
|
||||
It is advised to create a
|
||||
working directory with a hard-to-guess name in /tmp/. You can use the
|
||||
command "mktemp -d" in order to generate a random and hard to guess
|
||||
directory in /tmp/. Read-access to both /tmp/ and /proc/ is disabled
|
||||
so that users can not snoop on eachother.
|
||||
* USERNAMES are somegame0, somegame1, ...
|
||||
* Most LEVELS are stored in /somegame/.
|
||||
* PASSWORDS for each level are stored in /etc/somegame_pass/.
|
||||
|
||||
## /tmp folder
|
||||
/tmp/lolipopzalondo
|
||||
It is advised to create a working directory with a hard-to-guess name in /tmp/.
|
||||
You can use the command `mktemp -d` in order to generate a random and hard to guess directory in /tmp/.
|
||||
Read-access to both `/tmp/` and `/proc/` is disabled so that users can not snoop on eachother.
|
||||
For example: `/tmp/lolipopzalondo`
|
||||
|
||||
## Passwd
|
||||
|
||||
- bandit0 = bandit0
|
||||
- bandit1 = boJ9jbbUNNfktd78OOpsqOltutMc3MY1
|
||||
- bandit2 = CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9
|
||||
|
@ -39,27 +37,81 @@ It is advised to create a
|
|||
- bandit21 =
|
||||
|
||||
## CMD
|
||||
5. find . -size 1033c
|
||||
7. find / -size 33c -type f -group bandit6 -user bandit7
|
||||
8. cat data.txt | sort | uniq -u
|
||||
9. at data.txt | strings | grep ====
|
||||
10. base64 -d data.txt
|
||||
11. alias rot13="tr 'A-Za-z' 'N-ZA-Mn-za-m'" && cat data.txt | rot13
|
||||
|
||||
12. xxd -r data.txt reverse.tgz
|
||||
file reverse
|
||||
mv reverse reverse.gzip
|
||||
gzip -d reverse.gz
|
||||
tar -xvf data6.tar
|
||||
file data8.bin
|
||||
mv data8.bin data8.gz
|
||||
gzip -d data8.gz
|
||||
### Level 5
|
||||
|
||||
14. echo 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e | nc localhost 30000
|
||||
15. openssl s_client -crlf -connect localhost:30001
|
||||
18. ssh bandit18@bandit.labs.overthewire.org -p 2220 cat readme
|
||||
19. ./bandit20-do cat /etc/bandit_pass/bandit20
|
||||
```bash
|
||||
find . -size 1033c
|
||||
```
|
||||
|
||||
### Level 7
|
||||
|
||||
```bash
|
||||
find / -size 33c -type f -group bandit6 -user bandit7
|
||||
```
|
||||
|
||||
### Level 8
|
||||
|
||||
```bash
|
||||
cat data.txt | sort | uniq -u
|
||||
```
|
||||
|
||||
### Level 9
|
||||
|
||||
```bash
|
||||
at data.txt | strings | grep ====
|
||||
```
|
||||
|
||||
### Level 10
|
||||
|
||||
```bash
|
||||
base64 -d data.txt
|
||||
```
|
||||
|
||||
### Level 11
|
||||
|
||||
```bash
|
||||
alias rot13="tr 'A-Za-z' 'N-ZA-Mn-za-m'" && cat data.txt | rot13
|
||||
```
|
||||
|
||||
### Level 12
|
||||
|
||||
```bash
|
||||
xxd -r data.txt reverse.tgz
|
||||
file reverse
|
||||
mv reverse reverse.gzip
|
||||
gzip -d reverse.gz
|
||||
tar -xvf data6.tar
|
||||
file data8.bin
|
||||
mv data8.bin data8.gz
|
||||
gzip -d data8.gz
|
||||
```
|
||||
|
||||
### Level 14
|
||||
|
||||
```bash
|
||||
echo 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e | nc localhost 30000
|
||||
```
|
||||
|
||||
### Level 15
|
||||
|
||||
```bash
|
||||
openssl s_client -crlf -connect localhost:30001
|
||||
```
|
||||
|
||||
### Level 18
|
||||
|
||||
```bash
|
||||
ssh bandit18@bandit.labs.overthewire.org -p 2220 cat readme
|
||||
```
|
||||
|
||||
### Level 19
|
||||
|
||||
```bash
|
||||
./bandit20-do cat /etc/bandit_pass/bandit20
|
||||
```
|
||||
|
||||
## Questions
|
||||
|
||||
- tr function
|
||||
- nc
|
||||
|
|
Loading…
Reference in New Issue