赞
踩
1 boJ9jbbUNNfktd78OOpsqOltutMc3MY1
2 CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9
3 UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK
4 pIwrPrtPN36QITSp3EQaw936yaFoFgAB
5 koReBOKuIDDepwhWk7jZC0RTdopnAYKh
6 DXjZPULLxYr17uwoI01bNLQbtFemEgo7
7 HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs
8 cvX2JJa4CFALtqS87jk27qwqGhBM9plV
9 UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR
10 truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk
11 IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR
12 5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu
Q11. The password for the next level is stored in the file data.txt, where all lowercase (a-z) and uppercase (A-Z) letters have been rotated by 13 positions
a rotted by 13 -> m
n rotted by 13 -> z
N rotted by 13 -> Z
A rotted by 13 -> M
bandit11@bandit:~$ cat data.txt
Gur cnffjbeq vf 5Gr8L4qetPEsPk8htqjhRK8XSP6x2RHh
bandit11@bandit:~$ cat data.txt | tr a-zA-Z n-za-mN-ZA-M #位置不能错
The password is 5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu
tr
指令详解Linux tr 命令用于转换或删除文件中的字符。tr 指令从标准输入设备读取数据,经过字符串转译后,将结果输出到标准输出设备。
testfile文件中的内容如下:
$ cat testfile #testfile原来的内容
Linux
$ cat testfile | tr a-z A-Z #转换后的输出
LINUX
12. The password for the next level is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it may be useful to create a directory under /tmp in which you can work using mkdir. For example: mkdir /tmp/myname123. Then copy the datafile using cp, and rename it using mv (read the manpages!)
bandit12@bandit:/tmp/ll$ xxd -r data.txt data.bin
bandit12@bandit:/tmp/ll$ file data.bin
data.bin: gzip compressed data, was "data2.bin", last modified: Tue Oct 16 12:00:23 2018, max compression, from Unix
bandit12@bandit:/tmp/ll$ mv data.bin data.gz
bandit12@bandit:/tmp/ll$ gzip -d data2.bin
bandit12@bandit:/tmp/ll$ file data2.bin
data: bzip2 compressed data, block size = 900k
#一系列重命名解压后,得到密码为8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL
xxd
详解xxd的作用就是将一个文件以十六进制的形式显示出来,具体选项如下。
选项 | 描述 |
---|---|
-a | 它的作用是自动跳过空白内容,默认是关闭的 |
-c | 它的后面加上数字表示每行显示多少字节的十六进制数,默认是16字节。 |
-g | 设定以几个字节为一块,默认为2字节。 |
-l | 显示多少字节的内容。 |
-r | 十六进制转二进制 |
-s | 后面接【±】和address.加号表示从地址处开始的内容,减号表示距末尾address开始的内容。 |
具体用法:
xxd -a -c 12 -g 1 -l 512 -s +0x200 [inputfile]
#【自动跳过空白】【每行显示12字节】【一个字节一块】【显示512字节内容】【从0x200开始】【输入文件】
file
命令该命令用来识别文件类型,也可用来辨别一些文件的编码格式。它是通过查看文件的头部信息来获取文件类型,而不是像Windows通过扩展名来确定文件类型的。
13. The password for the next level is stored in /etc/bandit_pass/bandit14 and can only be read by user bandit14. For this level, you don’t get the next password, but you get a private SSH key that can be used to log into the next level. Note: localhost is a hostname that refers to the machine you are working on
bandit13@bandit:~$ ssh -i ssh.privateKey bandit14@localhost
1.登录
ssh -p22 omd@192.168.25.137
2.直接执行命令 -->最好全路径
ssh root@192.168.25.137 ls -ltr /backup/data
==>ssh root@192.168.25.137 /bin/ls -ltr /backup/data
3.查看已知主机
cat /root/.ssh/known_hosts
4.ssh远程执行sudo命令
ssh -t omd@192.168.25.137 sudo rsync hosts /etc/
5.scp
1.功能 -->远程文件的安全(加密)拷贝
scp -P22 -r -p /home/omd/h.txt omd@192.168.25.137:/home/omd/
2.scp知识小结
scp是加密远程拷贝,cp为本地拷贝
可以推送过去,也可以拉过来
每次都是全量拷贝(效率不高,适合第一次),增量拷贝用rsync
6.免密登录
bandit14@bandit:~$ ssh-keygen
14. The password for the next level can be retrieved by submitting the password of the current level to port 30000 on localhost.
bandit14@bandit:~$ telnet localhost 30000
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
Correct!
BfMYroe26WYalil77FoDi9qh59eK5xNr
Connection closed by foreign host.
## 也可以用nc
bandit14@bandit:~$ nc localhost 30000
4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
Correct!
BfMYroe26WYalil77FoDi9qh59eK5xNr
其实netcat的原理很简单,它就是从网络的一端读入数据,然后输出到网络的另一端,它可以使用tcp和udp协议.之所以叫做netcat,因为它是网络上的cat,想象一下cat的功能,读出一个文件的内容,然后输出到屏幕上(默认的stdout是屏幕,当然可以重定向到其他地方).netcat也是如此,它读取一端的输入,然后传送到网络的另一端。netcat的命令行程序名字为nc,是netcat的缩写,安装完了是找不到netcat这个程序的.
Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。