If you work in the infosec industry and never asked yourself this question, please take your time to think. Our objective here is to accomplish a full scan without revealing our real IP to the target.
I tried this one without reading the C code at first, although it should be allowed in the game. This is mainly because I felt like learning assembly the hard way. Also, source codes are not always available in the real world :).
Pwnable.kr is not exactly easy even when they say it is. Despite this scary introduction, this specifically challenge is not that hard.
#Vigenere - Crypto 100
Pwnable.kr’s third challenge goes like this:
Pwnable.kr’s second challenge goes like this:
http://pwnable.kr Pwnable.kr is an awesome wargame to learning PWNning, reverse engineering and a bunch of other scary beasts like these. Let’s begin with challenge #1.
The first thing that came to my mind here was simply to keep using find’s powerful options. So now we add -user and -group in order to restrict our search. Also, we must search the whole tree of directories, not only home folder:
The first thing that came to my mind here was simply to keep using find’s powerful options. So now we add -user and -group in order to restrict our search. Also, we must search the whole tree of directories, not only home folder:
Too obvious for a writeup… Ok, just a simple SSH
