OverTheWire - Bandit更新中

到hackMD看排版比较好 https://hackmd.io/l4m2suUVRF-XicBfIDxRug#Level4
Level4
Level Goal
The password for the next level is stored in the only human-readable file in the inhere directory. Tip: if your terminal is messed up, try the “reset” command.

解答
先进入/inhere目录
ls显示出有10个档案
file ./* 显示副档名

cat ./-file07打开档案
密码:lrIWWI6bB37kxfiCQZqUdOIYfr6eEeqR

Level5
Level Goal
The password for the next level is stored in a file somewhere under the inhere directory and has all of the following properties:

解答
human-readable
1033 bytes in size
not executable

先进入/inhere目录

按照题目题示查找档案

密码:P4L4vucdmLnm8I7Vl7jG1ApGSfjYKqJU

Level6
Level Goal
The password for the next level is stored somewhere on the server and has all of the following properties:

owned by user bandit7
owned by group bandit6
33 bytes in size

解答
The password for the next level is stored somewhere on the server and has all of the following properties:

owned by user bandit7
owned by group bandit6
33 bytes in size

按照题目设条件

Level7
Level Goal
The password for the next level is stored in the file data.txt next to the word millionth

解答
按照题目条件在 data.txt 查找密码

Level8
Level Goal
The password for the next level is stored in the file data.txt and is the only line of text that occurs only once

解答
先用sort排列后再用uniq -u输出没有重複的字串

Level9
Level Goal
The password for the next level is stored in the file data.txt in one of the few human-readable strings, preceded by several ‘=’ characters.

解答
用strings过滤可阅读的文字,再用grep找出开头是=的字串

Level10
Level Goal
The password for the next level is stored in the file data.txt, which contains base64 encoded data

解答
用base64 -d 解码

Level11
Level Goal
The password for the next level is stored in the file data.txt, where all lowercase (a-z) and uppercase (A-Z) letters have been rotated by 13 positions

解答
用 tr 'A-Za-z' 'N-ZA-Mn-za-m'转换字元 解密RO13

密码: JVNBBFSmZwKKOP0XbFXOoW8chDz5yVRv
Level12
Level Goal
The password for the next level is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it may be useful to create a directory under /tmp in which you can work using mkdir. For example: mkdir /tmp/myname123. Then copy the datafile using cp, and rename it using mv (read the manpages!)

解答
先将档案移到myname123cp /home/bandit12/data.txt /tmp/myname123
用xxd -r转换进位
再用file看压缩类型
分别用gzip -d bzip2 -d tar xvf解压缩
最后得到密码:wbWdlBxEir4CaE8LaPhauuOo6pwRmrDw
Level13
Level Goal
The password for the next level is stored in /etc/bandit_pass/bandit14 and can only be read by user bandit14. For this level, you don’t get the next password, but you get a private SSH key that can be used to log into the next level. Note: localhost is a hostname that refers to the machine you are working on

解答
先将 sshkey.private 中的key複製
到本机端cat > 档名把key存入后提权chmod 600 档名
再用ssh -i 档名 bandit14@bandit.labs.overthewire.org -p 2220用档案中的key连线
Level14
Level Goal
The password for the next level can be retrieved by submitting the password of the current level to port 30000 on localhost.

解答
先从上一题给的路径/etc/bandit_pass/bandit14 拿到进入localhost的密码
拿到之后用telnet指令连线到127.0.0.1就可以拿到密码

Level15
Level Goal
The password for the next level can be retrieved by submitting the password of the current level to port 30001 on localhost using SSL encryption.

Helpful note: Getting “HEARTBEATING” and “Read R BLOCK”? Use -ign_eof and read the “CONNECTED COMMANDS” section in the manpage. Next to ‘R’ and ‘Q’, the ‘B’ command also works in this version of that command…

解答
用openssl s_client -connect ip:port连线后输入lv14的密码
Level16
Level Goal
The credentials for the next level can be retrieved by submitting the password of the current level to a port on localhost in the range 31000 to 32000. First find out which of these ports have a server listening on them. Then find out which of those speak SSL and which don’t. There is only 1 server that will give the next credentials, the others will simply send back to you whatever you send to it.

解答
用nmap -sV 127.0.0.1 -p 31000-32000搜寻127.0.0.1 port 31000~32000的通讯埠

连线那两个ssl的通讯埠
连线到正确的通讯埠后输入上一题的密码会得到一串金钥
再用lv13的方式登入下一题
Level17
Level Goal
There are 2 files in the homedirectory: passwords.old and passwords.new. The password for the next level is in passwords.new and is the only line that has been changed between passwords.old and passwords.new

NOTE: if you have solved this level and see ‘Byebye!’ when trying to log into bandit18, this is related to the next level, bandit19

解答
用diff -y 档案1 档案2比较两个档案不一样的字串
有 | 标记的是不一样的

按题目取password.new 中的密码
Level18
Level Goal
The password for the next level is stored in a file readme in the homedirectory. Unfortunately, someone has modified .bashrc to log you out when you log in with SSH.

解答
先试着登入后发现会被踢出
照题目用ssh带一个指令,打开readmessh bandit18@bandit.labs.overthewire.org -p 2220 cat readme