Hades 01-10
Beginning
任务目标
mission.txt
User acantha has left us a to obtain her powers.
行动
Exploit it
hacker@hades:~$ cat /pazz/acantha_pass.txt
cat: /pazz/acantha_pass.txt: Permission denied
hacker@hades:~$ /opt/gift_hacker
bash: you: command not found
acantha@hades:~$ cat /pazz/acantha_pass.txt
mYYLhLBSkrzZqFydxGkn
User - acantha
flag - 01
^CaEuVJtJjaCwZtuuAFD^
任务目标
mission.txt
The user alala has left us a program, if we insert the 6 correct numbers, she gives us her password!
行动
ls -lah
drwxr-x--- 2 root acantha 4.0K Jul 26 2023 .
drwxr-xr-x 1 root root 4.0K Jul 26 2023 ..
-rw-r--r-- 1 acantha acantha 220 Apr 23 2023 .bash_logout
-rw-r--r-- 1 acantha acantha 3.5K Apr 23 2023 .bashrc
-rw-r--r-- 1 acantha acantha 807 Apr 23 2023 .profile
-rw-r----- 1 root acantha 22 Jul 26 2023 flagz.txt
-rw-r-x--- 1 root acantha 16K Jul 26 2023 guess
-rw-r----- 1 root acantha 275 Jul 26 2023 mission.txt
直接 base64 外带,然后反编译即可
反编译结果
int __fastcall main(int argc, const char **argv, const char **envp)
{
int v4; // [rsp+1Ch] [rbp-4h] BYREF
printf("Enter PIN code:\n");
__isoc99_scanf("%i", &v4);
if (v4 == 5880)
printf("DsYzpJQrCEndEWIMxWxu");
else
puts("\nNO :_(");
return 0;
}
User - alala
flag - 02
^gTdGmkwhDrCqKrDQpxH^
任务目标
mission.txt
User althea loves reading Linux help.
行动
ls -lah
drwxr-x--- 1 root alala 4.0K Jul 26 2023 .
drwxr-xr-x 1 root root 4.0K Jul 26 2023 ..
-rw-r--r-- 1 alala alala 220 Apr 23 2023 .bash_logout
-rw-r--r-- 1 alala alala 3.5K Jan 25 00:37 .bashrc
-rw-r--r-- 1 alala alala 807 Apr 23 2023 .profile
-r--r----- 1 althea althea 21 Jul 26 2023 althea_pass.txt
-rw-r----- 1 root alala 22 Jul 26 2023 flagz.txt
-rw-r----- 1 root alala 164 Jul 26 2023 mission.txt
-rwS--s--- 1 root alala 16K Jul 26 2023 read
Exploit it
./read
# 进入后输入以下命令
!cat althea_pass.txt
# ObxEmwisYjERrDfvSbdA
User - althea
flag - 03
^btDtPAPzSiXmoHItpqX^
任务目标
mission.txt
The user andromeda has left us a program to list directories.