wargames闯关bandit

date
Aug 5, 2021 12:17 PM
Related to 日程数据 1 (blog)
tags
Writeup
Website
slug
war
summary
wargames

level1

 
flag是readme里的密码
用密码登录下一关
 
notion image
boJ9jbbUNNfktd78OOpsqOltutMc3MY1
notion image
CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9
 
bandit2@bandit:~$ pwd
/home/bandit2
bandit2@bandit:~$ ls -a
.  ..  .bash_logout  .bashrc  .profile  spaces in this filename
bandit2@bandit:~$ cat spaces\ in\ this\ filename
UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK
bandit2@bandit:~$

Bandit Level 3 → Level 4

The password for the next level is stored in a hidden file in the inhere directory.
bandit3@bandit:~$ pwd
/home/bandit3
bandit3@bandit:~$ ls -al
total 24
drwxr-xr-x  3 root root 4096 May  7  2020 .
drwxr-xr-x 41 root root 4096 May  7  2020 ..
-rw-r--r--  1 root root  220 May 15  2017 .bash_logout
-rw-r--r--  1 root root 3526 May 15  2017 .bashrc
drwxr-xr-x  2 root root 4096 May  7  2020 inhere
-rw-r--r--  1 root root  675 May 15  2017 .profile
bandit3@bandit:~$ cd inhere/
bandit3@bandit:~/inhere$ ls
bandit3@bandit:~/inhere$ ls -al
total 12
drwxr-xr-x 2 root    root    4096 May  7  2020 .
drwxr-xr-x 3 root    root    4096 May  7  2020 ..
-rw-r----- 1 bandit4 bandit3   33 May  7  2020 .hidden
bandit3@bandit:~/inhere$ cat .hidden
pIwrPrtPN36QITSp3EQaw936yaFoFgAB
bandit3@bandit:~/inhere$
 
bandit4@bandit:~$ pwd
/home/bandit4
bandit4@bandit:~$ ls -al
total 24
drwxr-xr-x  3 root root 4096 May  7  2020 .
drwxr-xr-x 41 root root 4096 May  7  2020 ..
-rw-r--r--  1 root root  220 May 15  2017 .bash_logout
-rw-r--r--  1 root root 3526 May 15  2017 .bashrc
drwxr-xr-x  2 root root 4096 May  7  2020 inhere
-rw-r--r--  1 root root  675 May 15  2017 .profile
bandit4@bandit:~$ cd inhere/
bandit4@bandit:~/inhere$ ls
-file00  -file01  -file02  -file03  -file04  -file05  -file06  -file07  -file08  -file09
bandit4@bandit:~/inhere$ cat *
cat: invalid option -- 'f'
Try 'cat --help' for more information.
bandit4@bandit:~/inhere$ cat <-file00
�/`2ғ�%��rL~5�g��� �����bandit4@bandit:~/inhere$ ls -la
total 48
drwxr-xr-x 2 root    root    4096 May  7  2020 .
drwxr-xr-x 3 root    root    4096 May  7  2020 ..
-rw-r----- 1 bandit5 bandit4   33 May  7  2020 -file00
-rw-r----- 1 bandit5 bandit4   33 May  7  2020 -file01
-rw-r----- 1 bandit5 bandit4   33 May  7  2020 -file02
-rw-r----- 1 bandit5 bandit4   33 May  7  2020 -file03
-rw-r----- 1 bandit5 bandit4   33 May  7  2020 -file04
-rw-r----- 1 bandit5 bandit4   33 May  7  2020 -file05
-rw-r----- 1 bandit5 bandit4   33 May  7  2020 -file06
-rw-r----- 1 bandit5 bandit4   33 May  7  2020 -file07
-rw-r----- 1 bandit5 bandit4   33 May  7  2020 -file08
-rw-r----- 1 bandit5 bandit4   33 May  7  2020 -file09
bandit4@bandit:~/inhere$ file -file00
file: Cannot open `ile00' (No such file or directory).
bandit4@bandit:~/inhere$ file ./-file00
./-file00: data
bandit4@bandit:~/inhere$ file -file*
file: Cannot open `ile00' (No such file or directory).
file: Cannot open `ile01' (No such file or directory).
file: Cannot open `ile02' (No such file or directory).
file: Cannot open `ile03' (No such file or directory).
file: Cannot open `ile04' (No such file or directory).
file: Cannot open `ile05' (No such file or directory).
file: Cannot open `ile06' (No such file or directory).
file: Cannot open `ile07' (No such file or directory).
file: Cannot open `ile08' (No such file or directory).
file: Cannot open `ile09' (No such file or directory).
bandit4@bandit:~/inhere$ file ./-file*
./-file00: data
./-file01: data
./-file02: data
./-file03: data
./-file04: data
./-file05: data
./-file06: data
./-file07: ASCII text
./-file08: data
./-file09: data
bandit4@bandit:~/inhere$ cat ./-file07
koReBOKuIDDepwhWk7jZC0RTdopnAYKh
bandit4@bandit:~/inhere$
 
登录有点烦人
配置一波
 
 
Host bandit5
   User bandit5
   HostName bandit.labs.overthewire.org
   Port 2220
Host bandit6
   User bandit6
   HostName bandit.labs.overthewire.org
   Port 2220
Host bandit7
   User bandit7
   HostName bandit.labs.overthewire.org
   Port 2220
Host bandit8
   User bandit8
   HostName bandit.labs.overthewire.org
   Port 2220
Host bandit9
   User bandit9
   HostName bandit.labs.overthewire.org
   Port 2220
Host bandit10
   User bandit10
   HostName bandit.labs.overthewire.org
   Port 2220
Host bandit11
   User bandit11
   HostName bandit.labs.overthewire.org
   Port 2220
Host bandit12
   User bandit12
   HostName bandit.labs.overthewire.org
   Port 2220
Host bandit13
   User bandit13
   HostName bandit.labs.overthewire.org
   Port 2220
Host bandit14
   User bandit14
   HostName bandit.labs.overthewire.org
   Port 2220
Host bandit15
   User bandit15
   HostName bandit.labs.overthewire.org
   Port 2220
Host bandit16
   User bandit16
   HostName bandit.labs.overthewire.org
   Port 2220
Host bandit17
   User bandit17
   HostName bandit.labs.overthewire.org
   Port 2220
Host bandit18
   User bandit18
   HostName bandit.labs.overthewire.org
   Port 2220
The password for the next level is stored in a file somewhere under the inhere directory and has all of the following properties:
  • human-readable
  • 1033 bytes in size
  • not executable
bandit5@bandit:~$
bandit5@bandit:~$ pwd
/home/bandit5
bandit5@bandit:~$ find . -size 1033c
./inhere/maybehere07/.file2
bandit5@bandit:~$ find . -size 1033c ! -perm /a=x 
./inhere/maybehere07/.file2
y
DXjZPULLxYr17uwoI01bNLQbtFemEgo7 
bandit5@bandit:~$ find . -size 1033c ! -perm /a=x -ok cat {} \;
< cat ... ./inhere/maybehere07/.file2 > ?
bandit5@bandit:~$ find . -size 1033c ! -perm /a=x -exec cat {} \;
DXjZPULLxYr17uwoI01bNLQbtFemEgo7                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       bandit5@bandit:~$ find . -size 1033c ! -perm /a=x -ok cat {} \;
bandit5@bandit:~$ find . -size 1033c ! -perm /a=x |xargs  cat
DXjZPULLxYr17uwoI01bNLQbtFemEgo7
  • owned by user bandit7
  • owned by group bandit6
  • 33 bytes in size
bandit6@bandit:~$ find / -type f -user bandit7 -group bandit6 -size 33c 2>/dev/null
/var/lib/dpkg/info/bandit7.password
bandit6@bandit:~$ cat $(find / -type f -user bandit7 -group bandit6 -size 33c 2>/dev/null)
HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs
bandit6@bandit:~$
The password for the next level is stored in the file data.txt next to the word millionth
 
bandit7@bandit:~$ pwd
/home/bandit7
bandit7@bandit:~$ find
.
./.bashrc
./.profile
./.bash_logout
./data.txt
bandit7@bandit:~$ wc -l data.txt
98567 data.txt
bandit7@bandit:~$ more data.txt
binning	WnfnFPqkuhl2nwHBohzn2C4L5W0gwcLq
abuts	v8PAwDdkGDdp5NsJ7ZFM5A7TJ5MkYDbm
fathead	wBhCy0fqvbQdexz5kMKBtGoSWgXw7s0H
attacks	3GzwnGiZnBDdVuHivJk1pEfOOYu7uOTa
lopping	H9hzviFp1QO4WF8EzcQNl5MDz5r1bzUC
tyrannosaurus	WxtYXVar4sgInHp7YUpTzOjdUw1Ww0x8
reservists	QDidoX6BN1MDTi0QwA6Vt82L9Rb64cm3
atrophy's	mSpCwP9VgcGRn1SCD8R9bb9cPBl2yqkW
bolt's	726RB3lt2RmeCtbWEQ8lhUAxVBJfepy0
Klondikes	wVh3ILxQAsKg8WNnFHp8GxtnSu213GbR
spatulas	k7YBF0D09pnjHKVuDG12KA2hdfFLEOsG
emending	ppqz0MTdjpt126Sy4sSISqh8kdn02fAC
gangrenes	3XssrPp6kgwTImB0QbdbVmVxHTNkQUCc
proportionate	0HoqF84boKrYnQm9xtcxaPdQ5D389g5c
sectarian	pSVmt2ghL6WDbMtD71EIsuhNk2g0ADjS
subjugation	16WI1nJY9ySs7F0WtsiT7ZvOLw36Pcq0
embroideries	m9ow4lmYnwSnqaRZs6hYJiSNxFu1NL4Q
bandit7@bandit:~$ cat data.txt |grep millionth
millionth	cvX2JJa4CFALtqS87jk27qwqGhBM9plV
bandit7@bandit:~$
 
The password for the next level is stored in the file data.txt and is the only line of text that occurs only once
bandit8@bandit:~$ pwd
/home/bandit8
bandit8@bandit:~$ find
.
./.bashrc
./.profile
./.bash_logout
./data.txt
bandit8@bandit:~$ wc -l data.txt
1001 data.txt
bandit8@bandit:~$ sort data.txt |uniq -c
     10 07KC3ukwX7kswl8Le9ebb3H3sOoNTsR2
     10 0efnqHY1ZTNRu4LsDX4D73DsxIQq7RuJ
      .......
     10 U0NYdD3wHZKpfEg9qGQOLJimAJy6qxhS
     10 UASW6CQwD6MRzftu6FAfyXBK0cVvnBLP
     10 UJiCNvDNfgb3fcCj8PjjnAXHqUM63Uyj
     10 UjsVbcqKeJqdCZQCDMkzv6A9X7hLbNE4
      1 UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR
     10 UVnZvhiVQECraz5jl8U14sMVZQhjuXia
     10 V2d9umHiuPLYLIDsuHj0frOEmreCZMaA
     10 v9zaxkVAOdIOlITZY2uoCtB1fX2gmly9
     10 VkBAEWyIibVkeURZV5mowiGg6i3m7Be0
     10 w4zUWFGTUrAAh8lNkS8gH3WK2zowBEkA
     10 WBqr9xvf6mYTT5kLcTGCG6jb3ex94xWr
     10 wjNwumEX58RUQTrufHMciWz5Yx10GtTC
     10 X1JHOUkrb4KgugMXIzMWWIWvRkeZleTI
     10 XyeJdbrUJyGtdGx8cXLQST0pwu5cvpcA
     10 yo0HbSe2GM0jJNhRQLxwoPp7ayYEmRKY
     10 ySvsTwlMgnUF0n86Fgmn2TNjkSOlrV72
     10 Z9OC6DQpppreChPhwRJJV9YYTtrxNVcO
     10 zdd2ctVveROGeiS2WE3TeLZMeL5jL7iM
bandit8@bandit:~$ sort data.txt |uniq -u
UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR
bandit8@bandit:~$ sort data.txt |uniq
07KC3ukwX7kswl8Le9ebb3H3sOoNTsR2
0efnqHY1ZTNRu4LsDX4D73DsxIQq7RuJ
0N65ZPpNGkUJePzFxctCRZRXVrCbUGfm
0Xo6DLyK5izRqEtBA7sW2SRmlAixWYSg
10XitczY5Dz7UMoseKIeFWSzzwQrylfw
1ETSsKgjfQj1cJeFzXLJWzKzza3iWcJa
1T6qw9I32d71cS3TTvwmVp1WsxPFDJ9I
2bFz9F0yRwxGzVCZ4Er04bk00qfUrzWb
2CxmtCkpNL5ZjuoNzAtShkPXf5T43W7s
337o85y4OymIh99WPUtotkb114evfAkC
33xpPQhjt4Q2mqtX4sCVRwH2Zyh82E8R
5cO8XuoQWrzsyeOWDht8zgUIVWSRDaeC
6PF22p6O8TphCTZot9ApZx8VfGuo8rd5
7KaMzgnYMUeMISP9vuT3Dvsc06qfqa9u
7uhj3nhe4AS0esnnEZHBAZN67fJ8BFjM
8jtZmvqp9PTi8tp1oybBM663NQH3fhII
8NtHZnWzCA8HswoJSCU7Ojg8nP3eKpsA
.......
bandit8@bandit:~$
 
The password for the next level is stored in the file data.txt in one of the few human-readable strings, preceded by several ‘=’ characters.
bandit9@bandit:~$ find
.
./.bashrc
./.profile
./.bash_logout
./data.txt
bandit9@bandit:~$ grep data.txt "="
grep: =: No such file or directory
bandit9@bandit:~$ grep "=" data.txt
Binary file data.txt matches
bandit9@bandit:~$ file data.txt
data.txt: data
bandit9@bandit:~$ strings data.txt
Z/,_

OxYF
68}j
Q~a`%
========== password
#|-l

}1:LF
]vur
Emlld
&========== truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk
_Gmz
\Uli,
The password for the next level is stored in the file data.txt, which contains base64 encoded data
bandit10@bandit:~$ find
.
./.bashrc
./.profile
./.bash_logout
./data.txt
bandit10@bandit:~$ file data.txt
data.txt: ASCII text
bandit10@bandit:~$ cat data.txt
VGhlIHBhc3N3b3JkIGlzIElGdWt3S0dzRlc4TU9xM0lSRnFyeEUxaHhUTkViVVBSCg==
bandit10@bandit:~$ man base64
bandit10@bandit:~$ base64 -d data.txt
The password is IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR
bandit10@bandit:~$
The password for the next level is stored in the file data.txt, where all lowercase (a-z) and uppercase (A-Z) letters have been rotated by 13 positions
 
rot13!!!!
Gur cnffjbeq vf 5Gr8L4qetPEsPk8htqjhRK8XSP6x2RHh
bandit11@bandit:~$
notion image
能登录,是对的cat data.txt | tr 'A-Za-z' 'N-ZA-Mn-za-m' shell 的高级玩法
 
The password for the next level is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it may be useful to create a directory under /tmp in which you can work using mkdir. For example: mkdir /tmp/myname123. Then copy the datafile using cp, and rename it using mv
 
只有tmp/?/下有权限
bandit12@bandit:~$ find
.
./.bashrc
./.profile
./.bash_logout
./data.txt
bandit12@bandit:~$ ls -l
total 4
-rw-r----- 1 bandit13 bandit12 2582 May  7  2020 data.txt
bandit12@bandit:~$ more data.txt
00000000: 1f8b 0808 0650 b45e 0203 6461 7461 322e  .....P.^..data2.
00000010: 6269 6e00 013d 02c2 fd42 5a68 3931 4159  bin..=...BZh91AY
00000020: 2653 598e 4f1c c800 001e 7fff fbf9 7fda  &SY.O...........
00000030: 9e7f 4f76 9fcf fe7d 3fff f67d abde 5e9f  ..Ov...}?..}..^.
00000040: f3fe 9fbf f6f1 feee bfdf a3ff b001 3b1b  ..............;.
00000050: 5481 a1a0 1ea0 1a34 d0d0 001a 68d3 4683  T......4....h.F.
00000060: 4680 0680 0034 1918 4c4d 190c 4000 0001  F....4..LM..@...
00000070: a000 c87a 81a3 464d a8d3 43c5 1068 0346  ...z..FM..C..h.F
00000080: 8343 40d0 3400 0340 66a6 8068 0cd4 f500  .C@.4..@f..h....
00000090: 69ea 6800 0f50 68f2 4d00 680d 06ca 0190  i.h..Ph.M.h.....
000000a0: 0000 69a1 a1a0 1ea0 194d 340d 1ea1 b280  ..i......M4.....
000000b0: f500 3406 2340 034d 3400 0000 3403 d400  ..4.#@.M4...4...
000000c0: 1a07 a832 3400 f51a 0003 43d4 0068 0d34  ...24.....C..h.4
000000d0: 6868 f51a 3d43 2580 3e58 061a 2c89 6bf3  hh..=C%.>X..,.k.
000000e0: 0163 08ab dc31 91cd 1747 599b e401 0b06  .c...1...GY.....
000000f0: a8b1 7255 a3b2 9cf9 75cc f106 941b 347a  ..rU....u.....4z
00000100: d616 55cc 2ef2 9d46 e7d1 3050 b5fb 76eb  ..U....F..0P..v.
00000110: 01f8 60c1 2201 33f0 0de0 4aa6 ec8c 914f  ..`.".3...J....O
bandit12@bandit:~$ file data.txt
data.txt: ASCII text
bandit12@bandit:/tmp$ mkdir 666
bandit12@bandit:/tmp$ cd 666
bandit12@bandit:/tmp/666$ ls
bandit12@bandit:/tmp/666$ xxd -r ~/data.txt  /tmp/666/bin
bandit12@bandit:/tmp/666$ ls
bin
bandit12@bandit:/tmp/666$ file bin
bin: gzip compressed data, was "data2.bin", last modified: Thu May  7 18:14:30 2020, max compression, from Unix
bandit12@bandit:/tmp/666$ gzip -d bin
gzip: bin: unknown suffix -- ignored
bandit12@bandit:/tmp/666$ mv bin bin.gz
bandit12@bandit:/tmp/666$ gzip -d bin.gz
bandit12@bandit:/tmp/666$ ls
bin
bandit12@bandit:/tmp/666$ file bin
bin: bzip2 compressed data, block size = 900k
bandit12@bandit:/tmp/666$ mv bin bin.bz2
bandit12@bandit:/tmp/666$ bun2zip -d bin.bz2
-bash: bun2zip: command not found
bandit12@bandit:/tmp/666$ bunzip2 -d bin.bz2
bandit12@bandit:/tmp/666$ ls
bin
bandit12@bandit:/tmp/666$ file bin
bin: gzip compressed data, was "data4.bin", last modified: Thu May  7 18:14:30 2020, max compression, from Unix
bandit12@bandit:/tmp/666$ mv bin bin.gz
bandit12@bandit:/tmp/666$ gzip -d bin.gz
bandit12@bandit:/tmp/666$ ls
bin
bandit12@bandit:/tmp/666$ file bin
bin: POSIX tar archive (GNU)
bandit12@bandit:/tmp/666$ mv bin bin.tar
bandit12@bandit:/tmp/666$ tar -xvf bin.tar
data5.bin
bandit12@bandit:/tmp/666$ file data5.bin
data5.bin: POSIX tar archive (GNU)
bandit12@bandit:/tmp/666$ tar -xvf data5.bin
data6.bin
bandit12@bandit:/tmp/666$ file data6.bin
data6.bin: bzip2 compressed data, block size = 900k
bandit12@bandit:/tmp/666$ bunzip2 -d data6.bin
bunzip2: Can't guess original name for data6.bin -- using data6.bin.out
bandit12@bandit:/tmp/666$ ls
bin.tar  data5.bin  data6.bin.out
bandit12@bandit:/tmp/666$ mv data6.bin.out data.bz2
bandit12@bandit:/tmp/666$ file data.bz2
data.bz2: POSIX tar archive (GNU)
bandit12@bandit:/tmp/666$ tar -xvf data.bz2
data8.bin
bandit12@bandit:/tmp/666$ file data8.bin
data8.bin: gzip compressed data, was "data9.bin", last modified: Thu May  7 18:14:30 2020, max compression, from Unix
bandit12@bandit:/tmp/666$ ls
bin.tar  data5.bin  data8.bin  data.bz2
bandit12@bandit:/tmp/666$ gzip -d data8.bin |xargs file
bandit12@bandit:/tmp/666$ mv data8.bin data.gz
bandit12@bandit:/tmp/666$ gzip -d data.gz
bandit12@bandit:/tmp/666$ ls
bin.tar  data  data5.bin  data.bz2
bandit12@bandit:/tmp/666$ file data
data: ASCII text
bandit12@bandit:/tmp/666$ cat data
The password is 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL
禁止套娃啊
The password for the next level is stored in /etc/bandit_pass/bandit14 and can only be read by user bandit14. For this level, you don’t get the next password, but you get a private SSH key that can be used to log into the next level. Note: localhost is a hostname that refers to the machine you are working on
 
bandit13@bandit:~$ cat /etc/bandit_pass/bandit14
cat: /etc/bandit_pass/bandit14: Permission denied
bandit13@bandit:~$ ls -al
total 24
drwxr-xr-x  2 root     root     4096 May  7  2020 .
drwxr-xr-x 41 root     root     4096 May  7  2020 ..
-rw-r--r--  1 root     root      220 May 15  2017 .bash_logout
-rw-r--r--  1 root     root     3526 May 15  2017 .bashrc
-rw-r--r--  1 root     root      675 May 15  2017 .profile
-rw-r-----  1 bandit14 bandit13 1679 May  7  2020 sshkey.private

bandit13@bandit:~$ ssh bandit14@127.0.0.1 -i sshkey.private
Could not create directory '/home/bandit13/.ssh'.
The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:98UL0ZWr85496EtCRkKlo20X3OPnyPSB5tB5RPbhczc.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/bandit13/.ssh/known_hosts).
bandit14@bandit:~$ cat /etc/bandit_pass/bandit14
4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
bandit14@bandit:~$
 
The password for the next level can be retrieved by submitting the password of the current level to port 30000 on localhost.
 
bandit14@bandit:~$ nc localhost 30000
4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
Correct!
BfMYroe26WYalil77FoDi9qh59eK5xNr

bandit14@bandit:~$
The password for the next level can be retrieved by submitting the password of the current level to port 30001 on localhost using SSL encryption.
bandit14@bandit:~$ openssl s_client -connect localhost  -port 30001
CONNECTED(00000003)
depth=0 CN = localhost
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = localhost
verify return:1
---
Certificate chain
 0 s:/CN=localhost
   i:/CN=localhost
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICBjCCAW+gAwIBAgIEfftLGTANBgkqhkiG9w0BAQUFADAUMRIwEAYDVQQDDAls
b2NhbGhvc3QwHhcNMjEwNDEzMDgzODA3WhcNMjIwNDEzMDgzODA3WjAUMRIwEAYD
VQQDDAlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMLfXBVa
jVKDHlA3U+S0hBMJMJlfue3xKECpmx1Ajp4/khUuWwvPB7+wLjqasBO2WfFYJzcq
z9t7FfAPIlYjgvOTQs5X4vQ1aGzanvnNn+1VknpOnFAJQBSFq6ZD3ipWrhwm9XZq
8CgFhTGp9IPthZp8Y0B7OgobhlMtXD/zLaTbAgMBAAGjZTBjMBQGA1UdEQQNMAuC
CWxvY2FsaG9zdDBLBglghkgBhvhCAQ0EPhY8QXV0b21hdGljYWxseSBnZW5lcmF0
ZWQgYnkgTmNhdC4gU2VlIGh0dHBzOi8vbm1hcC5vcmcvbmNhdC8uMA0GCSqGSIb3
DQEBBQUAA4GBAMFH9rsZovwnb5k71/MpyCnXEwGlIhixUu6qfi1kiFvhJ6lJCvaO
weOYxV4oJy1OEB0LSEAQOnSPfzC8dDasijFcdVhuIGGPuQ2GZ05nCiiIZUNnrMRB
0z2RuRxgxMVjOvcSIJyvwyjVH4jY4I434fMyldePLxO1POLd1cxoKNTO
-----END CERTIFICATE-----
subject=/CN=localhost
issuer=/CN=localhost
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 1019 bytes and written 269 bytes
Verification error: self signed certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 5BB0BAB26B3F46EA3753D1B625A41D67BCB4460E3065D601810F1D97ABC1367A
    Session-ID-ctx:
    Master-Key: 71E83E6926675E5579E7714103EC19BC1C61CC8FE0AFC7B30F0C64281ABE631239780E132CFDAB1EFE33DAA0B644E02A
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:
    0000 - f2 5b 83 7e f0 ca 58 ca-aa f3 8f 83 b9 65 d5 23   .[.~..X......e.#
    0010 - 29 e9 83 aa 41 ae 9d 75-6c e6 d0 35 d2 94 cd 0d   )...A..ul..5....
    0020 - fe 42 8d 46 f4 b6 59 f2-f2 41 44 84 f5 cb 08 bd   .B.F..Y..AD.....
    0030 - 23 54 b2 27 bf 78 1c e6-b6 5b 5f e3 98 f9 99 a5   #T.'.x...[_.....
    0040 - 1f 77 f4 99 be ed b5 89-d2 9f c7 e1 0e 04 34 1d   .w............4.
    0050 - 42 3f 70 e1 0b 14 85 8b-00 17 11 18 2f 4a 3f dc   B?p........./J?.
    0060 - d0 e2 58 b4 ff 07 4f 53-33 e0 08 11 21 37 04 c7   ..X...OS3...!7..
    0070 - 16 26 b9 72 6d bb 7a 2b-7e 70 29 52 75 de 62 d1   .&.rm.z+~p)Ru.b.
    0080 - de e3 aa 60 eb e3 d8 53-78 99 1a 07 38 a4 97 c6   ...`...Sx...8...
    0090 - c4 e7 11 67 15 bb 71 81-89 66 56 94 48 0f 91 e5   ...g..q..fV.H...

    Start Time: 1626620407
    Timeout   : 7200 (sec)
    Verify return code: 18 (self signed certificate)
    Extended master secret: yes
---
BfMYroe26WYalil77FoDi9qh59eK5xNr
Correct!
cluFn7wTiGryunymYOu4RcffSxQluehd

closed
 
 
参考

© lewoking 2021 - 2022