docs(lvl01): adding the english readme
This commit is contained in:
Raphael
parent
0fa1a710d9
commit
ce0547430f
1 changed files with 17 additions and 22 deletions
|
|
@ -1,41 +1,36 @@
|
|||
Le mot de passe du compte `level01` n'est pas donne mais est bien exitstant
|
||||
The password for the level01 account is not given, but it does exist.
|
||||
|
||||
```bash
|
||||
groups level01
|
||||
level01 : level01 users
|
||||
```
|
||||
|
||||
En cherchant la connection je regarde sur le fichier system `/etc/passwd`
|
||||
While searching for the login information, I check the system file /etc/passwd.
|
||||
|
||||
Here is only the relevant part (with the full command)
|
||||
|
||||
###### Voici uniquement la partie interessante (avec la commande complete)
|
||||
```bash
|
||||
cat /etc/passwd | sed 's/:/ /g' | awk '{print $1, $2}' | grep '01'
|
||||
level01 x
|
||||
flag01 42hDRfypTqqnw
|
||||
```
|
||||
|
||||
et tombe donc sur un hash de mot de passe dans le fichier /etc/passwd je decide donc le copier avec scp sur mon laptop
|
||||
I therefore come across a password hash in the /etc/passwd file, so I decide to copy it to my laptop using scp.
|
||||
|
||||
```bash
|
||||
scp -P 4242 level00@localhost:/etc/passwd .
|
||||
/ ____| / ____| | |
|
||||
| (___ _ __ _____ _| | _ __ __ _ ___| |__
|
||||
\___ \| '_ \ / _ \ \ /\ / / | | '__/ _` / __| '_ \
|
||||
____) | | | | (_) \ V V /| |____| | | (_| \__ \ | | |
|
||||
|_____/|_| |_|\___/ \_/\_/ \_____|_| \__,_|___/_| |_|
|
||||
|
||||
Good luck & Have fun
|
||||
|
||||
level00@localhost's password:
|
||||
passwd 100% 2477 597.9KB/s 00:00
|
||||
```
|
||||
|
||||
|
||||
```bash
|
||||
ll
|
||||
Permissions Size User Date Modified Name
|
||||
.rw-r--r--@ 2.5k raphael 26 Jan 15:57 passwd
|
||||
|
||||
```
|
||||
Since John does not work on our session because of flag00, we will use it on my laptop instead.
|
||||
|
||||
John ne fonctionnant pas sur notre session a cause du flag00 alors nous allons faire utliser sur mon laptop
|
||||
```bash
|
||||
john ./passwd
|
||||
Warning: detected hash type "descrypt", but the string is also recognized as "descrypt-opencl"
|
||||
|
|
@ -53,21 +48,21 @@ abcdefg (flag01)
|
|||
1g 0:00:00:00 DONE 2/3 (2026-01-26 15:57) 33.33g/s 49000p/s 49000c/s 49000C/s raquel..bigman
|
||||
Use the "--show" option to display all of the cracked passwords reliably
|
||||
Session completed.
|
||||
|
||||
|
||||
john ./passwd --show
|
||||
flag01:abcdefg:3001:3001::/home/flag/flag01:/bin/bash
|
||||
|
||||
1 password hash cracked, 0 left
|
||||
```
|
||||
|
||||
Et la connection et maintenant possible et je peux lancer
|
||||
```bash
|
||||
john ./passwd --show
|
||||
flag01:abcdefg:3001:3001::/home/flag/flag01:/bin/bash
|
||||
1 password hash cracked, 0 left
|
||||
The login is now possible and I can run:
|
||||
```
|
||||
|
||||
|
||||
```bash
|
||||
su flag01
|
||||
Password:
|
||||
Don't forget to launch getflag !
|
||||
|
||||
|
||||
getflag
|
||||
Check flag.Here is your token : f2av5il02puano7naaf6adaaf
|
||||
```
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue