bandit answers_soltu.cn

1 boJ9jbbUNNfktd78OOpsqOltutMc3MY1
2 CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9
3 UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK
4 pIwrPrtPN36QITSp3EQaw936yaFoFgAB
5 koReBOKuIDDepwhWk7jZC0RTdopnAYKh
6 DXjZPULLxYr17uwoI01bNLQbtFemEgo7
7 HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs
8 cvX2JJa4CFALtqS87jk27qwqGhBM9plV
9 UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR
10 truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk
11 IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR
12 5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu

Q11. The password for the next level is stored in the file data.txt, where all lowercase (a-z) and uppercase (A-Z) letters have been rotated by 13 positions

a rotted by 13 -> m
n rotted by 13 -> z
N rotted by 13 -> Z
A rotted by 13 -> M

bandit11@bandit:~$ cat data.txt
Gur cnffjbeq vf 5Gr8L4qetPEsPk8htqjhRK8XSP6x2RHh

bandit11@bandit:~$ cat data.txt | tr a-zA-Z n-za-mN-ZA-M #位置不能错
The password is 5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu
1
2
3
4
5

tr指令详解

Linux tr 命令用于转换或删除文件中的字符。tr 指令从标准输入设备读取数据，经过字符串转译后，将结果输出到标准输出设备。
testfile文件中的内容如下：

$ cat testfile         		#testfile原来的内容  
Linux

$ cat testfile | tr a-z A-Z #转换后的输出  
LINUX
1
2
3
4
5

12. The password for the next level is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it may be useful to create a directory under /tmp in which you can work using mkdir. For example: mkdir /tmp/myname123. Then copy the datafile using cp, and rename it using mv (read the manpages!)

bandit12@bandit:/tmp/ll$ xxd -r data.txt data.bin
bandit12@bandit:/tmp/ll$ file data.bin
data.bin: gzip compressed data, was "data2.bin", last modified: Tue Oct 16 12:00:23 2018, max compression, from Unix 

bandit12@bandit:/tmp/ll$ mv data.bin data.gz
bandit12@bandit:/tmp/ll$ gzip -d data2.bin

bandit12@bandit:/tmp/ll$ file data2.bin
data: bzip2 compressed data, block size = 900k

#一系列重命名解压后，得到密码为8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL
1
2
3
4
5
6
7
8
9
10
11

xxd详解

xxd的作用就是将一个文件以十六进制的形式显示出来，具体选项如下。

具体用法：

xxd -a -c 12 -g 1 -l 512 -s +0x200 [inputfile]
#【自动跳过空白】【每行显示12字节】【一个字节一块】【显示512字节内容】【从0x200开始】【输入文件】
1
2

file命令

该命令用来识别文件类型，也可用来辨别一些文件的编码格式。它是通过查看文件的头部信息来获取文件类型，而不是像Windows通过扩展名来确定文件类型的。

13. The password for the next level is stored in /etc/bandit_pass/bandit14 and can only be read by user bandit14. For this level, you don’t get the next password, but you get a private SSH key that can be used to log into the next level. Note: localhost is a hostname that refers to the machine you are working on

bandit13@bandit:~$ ssh -i ssh.privateKey bandit14@localhost

1
2

ssh详解

1.登录
ssh -p22 omd@192.168.25.137
2.直接执行命令 -->最好全路径
ssh root@192.168.25.137 ls -ltr /backup/data
==>ssh root@192.168.25.137 /bin/ls -ltr /backup/data
3.查看已知主机
cat /root/.ssh/known_hosts
4.ssh远程执行sudo命令
ssh -t omd@192.168.25.137 sudo rsync hosts /etc/

5.scp
1.功能 -->远程文件的安全(加密)拷贝
scp -P22 -r -p /home/omd/h.txt omd@192.168.25.137:/home/omd/
2.scp知识小结
scp是加密远程拷贝，cp为本地拷贝
可以推送过去，也可以拉过来
每次都是全量拷贝(效率不高，适合第一次)，增量拷贝用rsync

6.免密登录
bandit14@bandit:~$ ssh-keygen

14. The password for the next level can be retrieved by submitting the password of the current level to port 30000 on localhost.

bandit14@bandit:~$ telnet localhost 30000
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
Correct!
BfMYroe26WYalil77FoDi9qh59eK5xNr

Connection closed by foreign host.

## 也可以用nc
bandit14@bandit:~$ nc localhost 30000
4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
Correct!
BfMYroe26WYalil77FoDi9qh59eK5xNr
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

nc详解

其实netcat的原理很简单,它就是从网络的一端读入数据,然后输出到网络的另一端,它可以使用tcp和udp协议.之所以叫做netcat,因为它是网络上的cat,想象一下cat的功能,读出一个文件的内容,然后输出到屏幕上(默认的stdout是屏幕,当然可以重定向到其他地方).netcat也是如此,它读取一端的输入,然后传送到网络的另一端。netcat的命令行程序名字为nc,是netcat的缩写,安装完了是找不到netcat这个程序的.