Bandit靶场记录

2024-02-28 19:58:05 浏览数 (1)

Bandit靶场记录

上古博客了,在之前我使用的是简书的博客,在我写的博客一次次被ban之后,我才搭建的静态博客。现在发现这个博客没有转移过来,随手往博客里放一下。稍后会进行补充

靶场名称:Bandit bandit.labs.overthewire.org Port: 2220

level 0

代码语言:javascript复制
The goal of this level is for you to log into the game using SSH. 
The host to which you need to connect is bandit.labs.overthewire.org, on port 2220. 
The username is bandit0 and the password is bandit0. 
Once logged in, go to the Level page to find out how to beat Level 1.

很明显这一个等级只是登入bandit,在输入账号密码后就连接上了服务器。

level 0~1
代码语言:javascript复制
The password for the next level is stored in a file called readme located in the home directory. 
Use this password to log into bandit1 using SSH.
 Whenever you find a password for a level.
 use SSH (on port 2220) to log into that level and continue the game.

通过cd ~指令切换到主菜单 在通过cat指令打开readme文件夹,得到bandit1的密码:boJ9jbbUNNfktd78OOpsqOltutMc3MY1

level 1~2
代码语言:javascript复制
The password for the next level is stored in a file called - located in the home directory

我以为这个题目还是跟上一级一样是通过cat能够简单得到, 使用之前的步骤并不能把这一级的密码获取出来。在进入靶场提供的参考网址后 Advanced Bash-scripting Guide - Chapter 3 - Special Characters 找到了这一句话

代码语言:javascript复制
Filenames beginning with "-" may cause problems when coupled with the "-" redirection operator.

使用cat <-指令可以调出这一级的密码

bandit1@bandit:~$ cat <- CV1DtqXWVFXTvM2F0k09SHz0YwRINYA

level2~3

The password for the next level is stored in a file called spaces in this filename located in the home directory。 这一级密码储村在spaces in this filename里面这一级的难点在于是文件名有空格 通过引号可以打开文件 UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK

level3~4
代码语言:javascript复制
The password for the next level is stored in a hidden file in the inhere directory.

好样的,这一级答案有到了隐藏文件中去了。。。。 通过ls指令看下有什么文件 进入这个文件ls一下,啥都没有

12个文件。。。。。群里有人问过这个问题师哥说暴力跑跑,好吧一个一个试验。 接连打开. ..都没有提示当进入.hidden出现了提示这个文件不是一个文件夹,哪应该用cat指令进入一下试试, ![image.png](https://upload-images.jianshu.io/upload_images/24919094-74ee22431c459070.png?imageMogr2/auto-orient/strip|imageView2/2/w/1240)

bandit3@bandit:~/inhere$ cat .hidden pIwrPrtPN36QITSp3EQaw936yaFoFgAB

level 4 ~ 5
代码语言:javascript复制
The password for the next level is stored in the only human-readable file in the inhere directory

先进入inhere,ls一下发现用-flle00到file09九个文件 通过file ./*指令看一看文件类型,

./-file00: data./-file01: data./-file02: data./-file03: data./-file04: data./-file05: data ./-file06: data./-file07: ASCII text./-file08: data./-file09: data -file07:

ASCII text.是一个ascll编码的文件,那这个肯定是答案了

博客 服务器 连接 data 编码

0 人点赞