The flag06 account credentials came from a legacy unix system.
To do this level, log in as the level06 account with the password level06. Files for this level can be found in /home/flag06.
Looks like we need to crack the flag06 password.
Capture The Flag
Check the flag05 home directory. You are looking for weak directory permissions
To do this level, log in as the level05 account with the password level05. Files for this level can be found in /home/flag05.
weak directory permissions…?
This level requires you to read the token file, but the code restricts the files that can be read. Find a way to bypass it :)
To do this level, log in as the level04 account with the password level04. Files for this level can be found in /home/flag04.
Looks like we need to read a file that we can't read…
Check the home directory of flag03 and take note of the files there.
There is a crontab that is called every couple of minutes.
To do this level, log in as the level03 account with the password level03. Files for this level can be found in /home/flag03.
Oh, a different type of challenge has appeared. As before, log in as level03 first.
There is a vulnerability in the below program that allows arbitrary programs to be executed, can you find it?
To do this level, log in as the level02 account with the password level02. Files for this level can be found in /home/flag02.
Looks a lot like the previous level…
There is a vulnerability in the below program that allows arbitrary programs to be executed, can you find it?
To do this level, log in as the level01 account with the password level01. Files for this level can be found in /home/flag01.
As before, log in as level01 first; the password is also level01.
This level requires you to find a Set User ID program that will run as the "flag00" account. You could also find this by carefully looking in top level directories in / for suspicious looking directories.
Alternatively, look at the find man page.
To access this level, log in as level00 with the password of level00.
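First, log in as level00; the password is also level00.
According to the hint, we need to find a set user ID program that runs as the flag00 user. It can be found in the suspicious directories under the root directory… but I'm not really sure which directories are suspicious, so I'll skip that for now. Looks like the only option is to search slowly with find 0A0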
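Exploit Exercises provides a series of Linux security CTFs that progress from easy to hard and cover all kinds of security problems, distributed as downloadable virtual machines.
This series covers Exploit Exercises' Nebula, a fairly approachable one suited to beginners who want to learn Linux exploitation (like me :3). It includes privilege escalation, common script vulnerabilities, race conditions, and other things I don't have any concept of yet.
Because I am going from not understanding to understanding myself, the content should be on the detailed side. I will update roughly once or twice a week. Below is how to install the nebula virtual machine on ubuntu.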