Bandit 15 Objectives The password for the next level can be retrieved by submitting the password of the current level to port 30000 on localhost . Solution bandit14@bandit:~$ nmap -p 30000 localhost Starting Nmap 7.40 ( https://nmap.org ) at 2019-05-28 22:23 CEST Nmap scan report for localhost (127.0.0.1) Host is up (0.00011s latency). PORT STATE SERVICE 30000/tcp open ndmps ok so there is an open TCP port on 3000 bandit14@bandit:~$ nc localhost 30000 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e Correct! BfMYroe26WYalil77FoDi9qh59eK5xNr Let's script this in python import os os.system("echo 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e | netcat localhost 30000") Correct! BfMYroe26WYalil77FoDi9qh59eK5xNr ** I know this is kind of cheating with python. I fought for a while with trying to create a socket connection to port 3000 and sending the pass that way but I couldn't get it working..... maybe I'll revisit this later**
@circusmonkey404 on the twitters; DM for contact