Bandit level 15
Level Goal
The password for the next level can be retrieved by submitting the password of the current level to port 30001 on localhost using SSL/TLS encryption.
Helpful note: Getting “DONE”, “RENEGOTIATING” or “KEYUPDATE”? Read the “CONNECTED COMMANDS” section in the manpage.
Another server connection task to be solved, but this time telnet and nc will not help us much as those are not secured by SSL/TLS. So it is time to look into yet another command. I recommend reading in to the man pages of openssl
Solution - Spoiler Alert!
I took a look in to the man pages of openssl and searched for connect, and it took me right to the s_client section. To connect with SSL/TLS we can use the command openssl s_client --connect localhost:30001 we can initiate a secure connection and send out message. When sending the password for the current level we get the password for the next level in return.
Comments ()