Overthewire : Bandit Level 12 → Level 13

 

Getting started

Hello!! :D

It's been a while since my last OverTheWire post.

I got worn out working on pwnable.kr.. haha… so this place is a bit of a refuge.. haha..

..Let's get started!!

root@goorm:/workspace/LCH_Server# ssh bandit12@bandit.labs.overthewire.org -p2220

The problem

The password for the next level is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it may be useful to create a directory under /tmp in which you can work using mkdir. For example: mkdir /tmp/myname123. Then copy the datafile using cp, and rename it using mv (read the manpages!)

The password is in data.txt, and the file has been compressed several times.

The text also recommends making your own directory to work in.

Let's do as we're told!

bandit12@bandit:~$ mkdir /tmp/LCH
bandit12@bandit:~$ cp data.txt /tmp/LCH
bandit12@bandit:~$ cd /tmp/LCH
bandit12@bandit:/tmp/LCH$ ls
data.txt

Let's look at the data.txt file.

bandit12@bandit:/tmp/LCH$ cat data.txt

Whoa.. a hexdump..

I'll use the -r option of the xxd command to turn it back into a binary.

bandit12@bandit:/tmp/LCH$ xxd -r data.txt > question
bandit12@bandit:/tmp/LCH$ ls
data.txt  question
bandit12@bandit:/tmp/LCH$ file question
question: gzip compressed data, was "data2.bin", last modified: Tue Oct 16 12:00:23 2018, max compression, from Unix

I wrote the output to a file named question.

file says it is gzip-compressed, so let's decompress it. When decompressing, the file name has to end with the extension!!

bandit12@bandit:/tmp/LCH$ mv question question.gz
bandit12@bandit:/tmp/LCH$ gzip -d question.gz
bandit12@bandit:/tmp/LCH$ ls
data.txt  question
bandit12@bandit:/tmp/LCH$ file question
question: bzip2 compressed data, block size = 900k

This time it says the file is bzip2-compressed. Add the extension and decompress again.

bandit12@bandit:/tmp/LCH$ mv question question.bz
bandit12@bandit:/tmp/LCH$ bzip2 -d question.bz
bandit12@bandit:/tmp/LCH$ ls
data.txt  question
bandit12@bandit:/tmp/LCH$ file question
question: gzip compressed data, was "data4.bin", last modified: Tue Oct 16 12:00:23 2018, max compression, from Unix

.. gzip again. Change the extension and decompress again..

bandit12@bandit:/tmp/LCH$ mv question question.gz
bandit12@bandit:/tmp/LCH$ gzip -d question.gz
bandit12@bandit:/tmp/LCH$ ls
data.txt  question
bandit12@bandit:/tmp/LCH$ file question
question: POSIX tar archive (GNU)

This time it's a tar archive. Change the extension again and run tar -xvf..

bandit12@bandit:/tmp/LCH$ mv question question.tar
bandit12@bandit:/tmp/LCH$ ls
data.txt  question.tar
bandit12@bandit:/tmp/LCH$ tar -xvf question.tar
data5.bin
bandit12@bandit:/tmp/LCH$ file data5.bin
data5.bin: POSIX tar archive (GNU)

data5.bin popped out, and it is a tar archive too.

Hmm.. if you've made it this far, you know what to do, right?

I'll skip the commentary from here on, haha..

bandit12@bandit:/tmp/LCH$ mv data5.bin data5.bin.tar
bandit12@bandit:/tmp/LCH$ tar -xvf data5.bin.tar
data6.bin
bandit12@bandit:/tmp/LCH$ file data6.bin
data6.bin: bzip2 compressed data, block size = 900k
bandit12@bandit:/tmp/LCH$ mv data6.bin data6.bin.bz
bandit12@bandit:/tmp/LCH$ bzip2 -d data6.bin.bz
bandit12@bandit:/tmp/LCH$ ls
data5.bin.tar  data6.bin  data.txt  question.tar
bandit12@bandit:/tmp/LCH$ file data6.bin
data6.bin: POSIX tar archive (GNU)
bandit12@bandit:/tmp/LCH$ mv data6.bin data6.bin.tar
bandit12@bandit:/tmp/LCH$ tar -xvf data6.bin.tar
data8.bin
bandit12@bandit:/tmp/LCH$ file data8.bin
data8.bin: gzip compressed data, was "data9.bin", last modified: Tue Oct 16 12:00:23 2018, max compression, from Unix
bandit12@bandit:/tmp/LCH$ mv data8.bin data8.bin.gz
bandit12@bandit:/tmp/LCH$ gzip -d data8.bin.gz
bandit12@bandit:/tmp/LCH$ ls
data5.bin.tar  data6.bin.tar  data8.bin  data.txt  question.tar
bandit12@bandit:/tmp/LCH$ file data8.bin
data8.bin: ASCII text
bandit12@bandit:/tmp/LCH$ cat data8.bin
The password is 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL

The bandit13 password that was hidden so deep turned out to be 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL!
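The same xxd -r, file, decompress loop as a script, added here as an example and not part of the original post: it rebuilds the bytes from an xxd-style dump, picks each layer by its magic bytes (the check `file` makes), and peels gzip, bzip2 and tar in memory until plain data is left. The function names, the MAX_LAYERS cap and the sample dump are assumptions constructed for this example.

```python
import bz2, gzip, io, tarfile

MAX_LAYERS = 32  # assumed cap on nesting depth, not a value from the page
MAGIC = ((0, b"\x1f\x8b", "gzip"), (0, b"BZh", "bzip2"), (257, b"ustar", "tar"))

def xxd_reverse(dump):
    """Rebuild bytes from xxd-style lines: 'offset: hex groups  ascii'."""
    out = bytearray()
    for line in dump.splitlines():
        if ":" in line:  # keep only the hex column between ':' and the ASCII column
            out += bytes.fromhex(line.split(":", 1)[1].lstrip().split("  ", 1)[0])
    return bytes(out)

def identify(data):
    """Name the container from its magic bytes (tar's sits at offset 257)."""
    for offset, magic, name in MAGIC:
        if data[offset:offset + len(magic)] == magic:
            return name
    return "data"

def peel(data):
    """Strip layers until no known magic matches; return (layers, payload)."""
    layers = []
    while len(layers) < MAX_LAYERS:
        kind = identify(data)
        if kind == "gzip":
            data = gzip.decompress(data)
        elif kind == "bzip2":
            data = bz2.decompress(data)
        elif kind == "tar":  # read the first regular file in memory; nothing is written to disk
            with tarfile.open(fileobj=io.BytesIO(data)) as tar:
                data = tar.extractfile(next(m for m in tar if m.isfile())).read()
        else:
            return layers, data
        layers.append(kind)
    raise ValueError("too many nested layers")

def build_sample():
    """Constructed input: gzip(bzip2(tar(gzip(text)))) as a dump, ASCII column cut to '.'."""
    blob = gzip.compress(b"The password is CONSTRUCTED-SAMPLE\n")
    buf, info = io.BytesIO(), tarfile.TarInfo("data5.bin")
    info.size = len(blob)
    with tarfile.open(fileobj=buf, mode="w") as tar:
        tar.addfile(info, io.BytesIO(blob))
    blob = gzip.compress(bz2.compress(buf.getvalue()))
    rows = [blob[i:i + 16] for i in range(0, len(blob), 16)]
    return "\n".join(f"{16 * n:08x}: {r.hex(' ', -2)}  ." for n, r in enumerate(rows))

if __name__ == "__main__":
    print(peel(xxd_reverse(build_sample())))
```

Because the tar member is read with extractfile rather than unpacked, the member name inside the archive never becomes a path on disk.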

Wrapping up

Decompress, decompress, decompress.. and eventually out it popped.

Nothing here was particularly difficult!

See you in Level 13 → Level 14 :D