ASCP-野原新一 去码头整点薯条……

复盘HMVLabs Chapter 1-Venus

#暂无标签
📃 
Host: venus.hackmyvm.eu  
Port: 5000  
User: hacker  
Pass: havefun!

MISSION 0x01

ssh登录进入后,找到第一题提示:

cat mission.txt
## EN ##
User sophia has saved her password in a hidden file in this folder. Find it and log in as sophia.
用户sophia已将密码保存在此文件夹的隐藏文件中。找到它并以sophia的身份登录。

需要找到在当前文件夹中的隐藏文件

ls -al
total 40
drwxr-x--- 2 root   hacker 4096 Apr  5 06:28 .
drwxr-xr-x 1 root   root   4096 Apr  5 06:27 ..
-rw-r----- 1 root   hacker   31 Apr  5 06:28 ...
-rw-r--r-- 1 hacker hacker  220 Apr 23  2023 .bash_logout
-rw-r--r-- 1 hacker hacker 3526 Apr 23  2023 .bashrc
-rw-r----- 1 root   hacker   16 Apr  5 06:27 .myhiddenpazz
-rw-r--r-- 1 hacker hacker  807 Apr 23  2023 .profile
-rw-r----- 1 root   hacker  287 Apr  5 06:27 mission.txt
-rw-r----- 1 root   hacker 2542 Apr  5 06:27 readme.txt

cat .myhiddenpazz
Y1o645M3mR84ejc

切换用户su sophia 进入下一关

MISSION 0x02

cat flagz.txt
8===LUzzNuv8NB59iztWUIQS===D~~ ##得到第一个flag
cat mission.txt
## EN ##
The user angela has saved her password in a file but she does not remember where ... she only remembers that the file was called whereismypazz.txt
用户安吉拉已将密码保存在一个文件中,但她不记得在哪里。。。她只记得文件名为whenismypazz.txt

find / -name whereismypazz.txt 2>/dev/null
/usr/share/whereismypazz.txt
##找到文件后直接cat打开
cat /usr/share/whereismypazz.txt
oh5p9gAABugHBje

切换用户su angela进入下一关

MISSION 0x03

## EN ##
cat flagz.txt
8===SjMYBmMh4bk49TKq7PM8===D~~ ## 获得flag
cat mission.txt
The password of the user emma is in line 4069 of the file findme.txt
用户emma的密码位于文件findme.txt的第4069行

vim findme.txt  
# 输入 :4069 回车, 找到密码 :set number 可以显示行号  
# 或者 `sed -n 4069p findme.txt`
sed -n 4069p findme.txt
fIvltaGaq0OUH8O

切换用户su emma进入下一关

MISSION 0x04

cat flagz.txt
8===0daqdDlmd9XogkiHu4yq===D~~ ##获取flag
cat mission.txt
## EN ##
User mia has left her password in the file -.
mia在-文件夹中留下密码

cat ./-
iKXIYg0pyEH2Hos

切换用户su mia进入下一关

MISSION 0x05

cat flagz.txt
8===FBMdY8hel2VMA3BaYJin===D~~
cat mission.txt
## EN ##
It seems that the user camila has left her password inside a folder called hereiam
用户camila似乎将密码留在了名为hereiam的文件夹中

find / -type d -name "hereiam" 2>/dev/null
/opt/hereiam
cd /opt/hereiam
ls -al
total 12
drwxr-xr-x 2 root root 4096 Apr  5 06:28 .
drwxr-xr-x 1 root root 4096 Apr  5 06:28 ..
-rw-r--r-- 1 root root   16 Apr  5 06:28 .here
cat .here
F67aDmCAAgOOaOc

切换用户su camila进入下一关

By 野原新一 On