Level Goal
The password for the next level can be retrieved by submitting the password of the current level to port 30001 on localhost using SSL encryption.

Helpful note: Getting “HEARTBEATING” and “Read R BLOCK”? Use -ign_eof and read the “CONNECTED COMMANDS” section in the manpage. Next to ‘R’ and ‘Q’, the ‘B’ command also works in this version of that command…

Commands you may need to solve this level: ssh, telnet, nc, openssl, s_client, nmap

Walkthrough
So lets see the manpage of s_client to start with. It is an openSSL client and the format is openssl s_client -connect host:port So lets try this.

The connection is there, lets paste the password op bandit15. It gives us the password of bandit 16!
cluFn7wTiGryunymYOu4RcffSxQluehd

Leave a Reply

Your email address will not be published. Required fields are marked *