Nivel 16
Filtrar puertos abiertos
Descripción del Reto 💻
En este nivel, aprenderás a conectarte a un servidor remoto usando SSH. El objetivo es familiarizarte con el comando básico de conexión y explorar el entorno.
Información de Login 🔑
- Username: bandit16
- Password: kSkvUpMQ7lBYyCM4GBPvCvT1BfWRy0Dx
- Host: bandit.labs.overthewire.org
- Port: 2220
Pasos para Resolver el Nivel 🛠️
-
Conéctate al servidor usando SSH:
bash
$ ssh bandit16@bandit.labs.overthewire.org -p 2220 This is a OverTheWire game server. More information on http://www.overthewire.org/wargamesbandit0@bandit.labs.overthewire.org's password: kSkvUpMQ7lBYyCM4GBPvCvT1BfWRy0Dx -
Probamos suerte en los puertos SSL
bash
bandit16@bandit:~$ echo "kSkvUpMQ7lBYyCM4GBPvCvT1BfWRy0Dx" | ncat --ssl localhost 31790 Correct! -----BEGIN RSA PRIVATE KEY----- MIIEogIBAAKCAQEAvmOkuifmMg6HL2YPIOjon6iWfbp7c3jx34YkYWqUH57SUdyJ imZzeyGC0gtZPGujUSxiJSWI/oTqexh+cAMTSMlOJf7+BrJObArnxd9Y7YT2bRPQ Ja6Lzb558YW3FZl87ORiO+rW4LCDCNd2lUvLE/GL2GWyuKN0K5iCd5TbtJzEkQTu DSt2mcNn4rhAL+JFr56o4T6z8WWAW18BR6yGrMq7Q/kALHYW3OekePQAzL0VUYbW JGTi65CxbCnzc/w4+mqQyvmzpWtMAzJTzAzQxNbkR2MBGySxDLrjg0LWN6sK7wNX x0YVztz/zbIkPjfkU1jHS+9EbVNj+D1XFOJuaQIDAQABAoIBABagpxpM1aoLWfvD KHcj10nqcoBc4oE11aFYQwik7xfW+24pRNuDE6SFthOar69jp5RlLwD1NhPx3iBl J9nOM8OJ0VToum43UOS8YxF8WwhXriYGnc1sskbwpXOUDc9uX4+UESzH22P29ovd d8WErY0gPxun8pbJLmxkAtWNhpMvfe0050vk9TL5wqbu9AlbssgTcCXkMQnPw9nC YNN6DDP2lbcBrvgT9YCNL6C+ZKufD52yOQ9qOkwFTEQpjtF4uNtJom+asvlpmS8A vLY9r60wYSvmZhNqBUrj7lyCtXMIu1kkd4w7F77k+DjHoAXyxcUp1DGL51sOmama +TOWWgECgYEA8JtPxP0GRJ+IQkX262jM3dEIkza8ky5moIwUqYdsx0NxHgRRhORT 8c8hAuRBb2G82so8vUHk/fur85OEfc9TncnCY2crpoqsghifKLxrLgtT+qDpfZnx SatLdt8GfQ85yA7hnWWJ2MxF3NaeSDm75Lsm+tBbAiyc9P2jGRNtMSkCgYEAypHd HCctNi/FwjulhttFx/rHYKhLidZDFYeiE/v45bN4yFm8x7R/b0iE7KaszX+Exdvt SghaTdcG0Knyw1bpJVyusavPzpaJMjdJ6tcFhVAbAjm7enCIvGCSx+X3l5SiWg0A R57hJglezIiVjv3aGwHwvlZvtszK6zV6oXFAu0ECgYAbjo46T4hyP5tJi93V5HDi Ttiek7xRVxUl+iU7rWkGAXFpMLFteQEsRr7PJ/lemmEY5eTDAFMLy9FL2m9oQWCg R8VdwSk8r9FGLS+9aKcV5PI/WEKlwgXinB3OhYimtiG2Cg5JCqIZFHxD6MjEGOiu L8ktHMPvodBwNsSBULpG0QKBgBAplTfC1HOnWiMGOU3KPwYWt0O6CdTkmJOmL8Ni blh9elyZ9FsGxsgtRBXRsqXuz7wtsQAgLHxbdLq/ZJQ7YfzOKU4ZxEnabvXnvWkU YOdjHdSOoKvDQNWu6ucyLRAWFuISeXw9a/9p7ftpxm0TSgyvmfLF2MIAEwyzRqaM 77pBAoGAMmjmIJdjp+Ez8duyn3ieo36yrttF5NSsJLAbxFpdlc1gvtGCWW+9Cq0b dxviW8+TFVEBl1O4f7HVm6EpTscdDxU+bCXWkfjuRb7Dy9GOtt9JPsX8MBTakzh3 vBgsyi/sN3RqRBcGU40fOoZyfAMT8s1m/uYv52O6IgeuZ/ujbjY= -----END RSA PRIVATE KEY----- bandit16@bandit:~$ -
Desde un directorio temoral
bash
bandit16@bandit:~$ mktemp -d /tmp/tmp.WHJjIJyJBF bandit16@bandit:~$ cd /tmp/tmp.WHJjIJyJBF bandit16@bandit:/tmp/tmp.WHJjIJyJBF$ nano sshkey Unable to create directory /home/bandit16/.local/share/nano/: No such file or directory It is required for saving/loading search history or cursor positions. bandit16@bandit:/tmp/tmp.WHJjIJyJBF$ ls sshkey bandit16@bandit:/tmp/tmp.WHJjIJyJBF$ chmod 400 sshkey bandit16@bandit:/tmp/tmp.WHJjIJyJBF$ ssh -i sshkey bandit17@localhost -
Y leemos el archivo final que nos deja:
bash
bandit17@bandit:~$ cat /etc/bandit_pass/bandit17 EReVavePLFHtFlFsjn3hyzMlvSuSAcRD bandit17@bandit:~$
Escaneamos los puertos abiertos
bash
bandit16@bandit:~$ nmap --open -sV -p31000-32000 localhostdata.txt
Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-02-17 19:43 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00034s latency).
Not shown: 996 closed tcp ports (conn-refused)
PORT STATE SERVICE
31046/tcp open unknown
31518/tcp open unknown
31691/tcp open unknown
31790/tcp open unknown
31960/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 0.16 seconds
bandit16@bandit:~$
Resultado Esperado 🎉
Sigue así y llegarás al final del juego. ¡Ánimo! 🚀