OverTheWire: Bandit Level 15 to Level 16

Level goal: The password for the next level can be retrieved by submitting the password of the current level to port 30001 on localhost using SSL encryption.

Helpful note: Getting “HEARTBEATING” and “Read R BLOCK”? Use -ign_eof and read the “CONNECTED COMMANDS” section in the manpage. Next to ‘R’ and ‘Q’, the ‘B’ command also works in this version of that command…

In this level, we connect to the port 30001 on localhost using the SSL encryption. We can do it using the openssl command.

bandit15@melinda:~$ openssl s_client -quiet -connect 127.0.0.1:30001
depth=0 CN = li190-250.members.linode.com
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = li190-250.members.linode.com
verify return:1
BfMYroe26WYalil77FoDi9qh59eK5xNr
Correct!
cluFn7wTiGryunymYOu4RcffSxQluehd

read:errno=0

The password to gain access to the next level is cluFn7wTiGryunymYOu4RcffSxQluehd.

CTFlinuxoverthewireunix
kongwenbin: I am a security enthusiast, penetration tester and bug hunter who has a great passion in the area of information security. I love to share. Please feel free to leave a comment on my posts. Learning never stops!
Related Post
  1. My thoughts on receiving the Top Government Bug Bounty Program (GBBP) Researcher Award

    Last week, I attended the Researcher Appreciation Ceremony held alongside the prize ceremony of Jaga…

  2. A Review of my Bug Hunting Journey

    This post is a review of my bug hunting journey so far, from when I…

  3. Write-up for Gemini Inc: 1

    This is a write-up on the Gemini Inc: 1, a VulnHub machine designed to be…

  4. Fastest Fix on Open Bug Bounty Platform

    This is a write-up on the Fastest Fix on Open Bug Bounty (OBB) Platform. The…

  5. A Review of my past one-year in Information Security

    A review of my past one-year in the information security industry and what I have…