본문 바로가기

30./36. Exploit-Exercises

(8)
[exploit-exercises] Nebula level 08 Nebula level08AboutWorld readable files strike again. Check what that user was up to, and use it to log into flag08 account. To do this level, log in as the level08 account with the password level08 . Files for this level can be found in /home/flag08. Source codeThere is no source code available for this level capture.pcap 파일을 패킷 분석 툴을 이용하여 flag08의 비밀번호를 탈취 tcpdump로 패킷 분석 실패... scp를 이용하여 kali li..
[exploit-exercises] Nebula level 06 Nebula level06AboutThe flag06 account credentials came from a legacy unix system. To do this level, log in as the level06 account with the password level06 . Files for this level can be found in /home/flag06. Source codeThere is no source code available for this level 레거시 리눅스에서 flag06 계정의 비밀번호 탈취 /etc/passwd 파일의 권한은 644로root는 읽기 및 수정이 가능하고 other(현제 접속한 계정 level06) 또한 읽기 가능 가장 흔한 password creak 도..
[exploit-exercises] Nebula level 05 Nebula level05AboutCheck the flag05 home directory. You are looking for weak directory permissions To do this level, log in as the level05 account with the password level05 . Files for this level can be found in /home/flag05. Source codeThere is no source code available for this level 디렉토리 권한 문제로 특정 압축파일의 권한이 664이지만 압축 해제된 파일들의 권한은 현제 계정으로 권한이 발급되어 사용 가능 /home/flag05 디렉토리로 접근하면 아래와 같은 파일 확인 가능.s..
[exploit-exercises] Nebula level 04 [미완성] Nebula level04AboutThis level requires you to read the token file, but the code restricts the files that can be read. Find a way to bypass it :) To do this level, log in as the level04 account with the password level04 . Files for this level can be found in /home/flag04. Source code 1#include 2#include 3#include 4#include 5#include 6#include 7 8int main(int argc, char **argv, char **envp) 9{ 10 ..
[exploit-exercises] Nebula level 03 [미완성] Nebula level03AboutCheck the home directory of flag03 and take note of the files there. There is a crontab that is called every couple of minutes. To do this level, log in as the level03 account with the password level03 . Files for this level can be found in /home/flag03. Source codeThere is no source code available for this level nebula login : level03password : level03
[exploit-exercises] Nebula level 02 [미완성] Nebula level02AboutThere is a vulnerability in the below program that allows arbitrary programs to be executed, can you find it? To do this level, log in as the level02 account with the password level02 . Files for this level can be found in /home/flag02. Source code 1#include 2#include 3#include 4#include 5#include 6 7int main(int argc, char **argv, char **envp) 8{ 9 char *buffer; 10 11 gid_t g..
[exploit-exercises] Nebula level 01 Nebula level01AboutThere is a vulnerability in the below program that allows arbitrary programs to be executed, can you find it? To do this level, log in as the level01 account with the password level01 . Files for this level can be found in /home/flag01. Source code 1#include 2#include 3#include 4#include 5#include 6 7int main(int argc, char **argv, char **envp) 8{ 9 gid_t gid; 10 uid_t uid; 11..
[exploit-exercises] Nebula level 00 Nebula level00 AboutThis level requires you to find a Set User ID program that will run as the "flag00" account. You could also find this by carefully looking in top level directories in / for suspicious looking directories. Alternatively, look at the find man page. To access this level, log in as level00 with the password of level00 . Source codeThere is no source code available for this level문..