OverTheWire - Bandit - Level 15 → Level 16

2018-12-30 | #Bandit #En #OverTheWire #Walkthrough #Writeup

160 words One minute

Warning: This post contains a solution!

Only continue if:
1.) you want to see a possible alternative solution or
2.) you are stuck and need a hint!

Connect to the server using the following credentials:

Server: bandit.labs.overthewire.org
Port: 2220
Username: bandit15
Password: BfMYxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Level Goal is:

The password for the next level can be retrieved by submitting the password of the current level to port 30001 on localhost using SSL encryption.
Helpful note: Getting “HEARTBEATING” and “Read R BLOCK”? Use -ign_eof and read the “CONNECTED COMMANDS” section in the manpage. Next to ‘R’ and ‘Q’, the ‘B’ command also works in this version of that command…

Connection with SSL encryption is possible using OpenSSL and s_client:

1
2
3
4
bandit15@bandit:~$ openssl s_client -connect localhost:30001

CONNECTED(00000003)
[...]

Now it is possible to type in the password of the current level.
The result is the password for the next level:

1
2
3
4
5
6
---
BfMYxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Correct!
cluFxxxxxxxxxxxxxxxxxxxxxxxxxxxx

closed

BB

BB

OverTheWire - Bandit - Level 15 → Level 16