Bandit CTF – Level 17

Level 16 –> 17

bandit16@bandit:~$ echo "cluFn7wTiGryunymYOu4RcffSxQluehd" | openssl s_client -connect localhost:31790 -ign_eof

CONNECTED(00000003)
depth=0 CN = localhost
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = localhost
verify return:1
---
Certificate chain
 0 s:/CN=localhost
   i:/CN=localhost
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICBjCCAW+gAwIBAgIEcGzfrDANBgkqhkiG9w0BAQUFADAUMRIwEAYDVQQDDAls
b2NhbGhvc3QwHhcNMjAxMDE0MDg0MjAyWhcNMjExMDE0MDg0MjAyWjAUMRIwEAYD
VQQDDAlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMAcqhT+
E4ArtokX8WTkgxgFrZ7LmCdI8Y5lK2w87BXclyGVjy2DhiIrhPd1hi6a77yB6DPt
iQOB1y1LyTIQ45WwM8FL1kdCjHYrJn5LmfYEojaKxJkTqKSvPHiqhJTkOfB5cCLC
8pcsq1wnwrStXx8oakLcs2D/UfGMdAXVROnVAgMBAAGjZTBjMBQGA1UdEQQNMAuC
CWxvY2FsaG9zdDBLBglghkgBhvhCAQ0EPhY8QXV0b21hdGljYWxseSBnZW5lcmF0
ZWQgYnkgTmNhdC4gU2VlIGh0dHBzOi8vbm1hcC5vcmcvbmNhdC8uMA0GCSqGSIb3
DQEBBQUAA4GBAE1bLZN33u8w6rRKD2hATJ5GfK5/nwqvhqjkNUwjkx2wbcA+k54u
K5ruf3IoS1eI6Y7r2qLh/JDQ46H+Aw76H3Nf/vNFnXS7s6odz1p/r6zPTbsDa9Mr
iRpfmwN/pG0eGsJrtYwxuPgU53PjzuqgvlNvmBBXf4+l12GKHOIRAV2D
-----END CERTIFICATE-----
subject=/CN=localhost
issuer=/CN=localhost
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 1019 bytes and written 269 bytes
Verification error: self signed certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: CCB8B2F5F3FCAA2D908E66122D974DE97B1964CB54FE7B150D4EB48245BBD22F
    Session-ID-ctx:
    Master-Key: 4707C8FE8267DCE0F1CD8A7C55104787E5A307CC45112891BACBA416B9DA05C51939526F613904B4ACDD6A107834FE72
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:
    0000 - 04 8e 80 9c c1 47 ef 0e-10 30 f7 e4 b5 35 65 bb   .....G...0...5e.
    0010 - a8 b2 55 1d 6f 50 5d 05-ea ed 97 ce 4f 48 70 73   ..U.oP].....OHps
    0020 - 60 9b 1d 0b bf bf 98 0b-87 d6 6d 44 d9 69 e1 d7   `.........mD.i..
    0030 - 06 c1 81 5a c8 f9 00 d1-ad 84 2f 8e f9 10 d2 46   ...Z....../....F
    0040 - 11 40 ca 01 6d d4 8a 93-43 ac dc 0f a9 d7 71 c5   .@..m...C.....q.
    0050 - 5f cd 59 6b bc 88 29 a8-3f dc b0 cb 25 5e 32 0d   _.Yk..).?...%^2.
    0060 - ed b2 4e 6d 08 79 62 d5-0e c7 78 98 23 06 81 ca   ..Nm.yb...x.#...
    0070 - db 88 e4 bb d7 37 fd 42-87 90 b0 7b 4d b6 c2 af   .....7.B...{M...
    0080 - 1b d4 e9 40 5f 18 97 b7-a7 ed a2 e4 60 cd 15 3c   ...@_.......`..<
    0090 - 3c 46 0f f2 af e8 3f 57-53 55 9f 23 17 e3 6d 8a   <F....?WSU.#..m.

    Start Time: 1603548564
    Timeout   : 7200 (sec)
    Verify return code: 18 (self signed certificate)
    Extended master secret: yes
---
Correct!
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAvmOkuifmMg6HL2YPIOjon6iWfbp7c3jx34YkYWqUH57SUdyJ
imZzeyGC0gtZPGujUSxiJSWI/oTqexh+cAMTSMlOJf7+BrJObArnxd9Y7YT2bRPQ
Ja6Lzb558YW3FZl87ORiO+rW4LCDCNd2lUvLE/GL2GWyuKN0K5iCd5TbtJzEkQTu
DSt2mcNn4rhAL+JFr56o4T6z8WWAW18BR6yGrMq7Q/kALHYW3OekePQAzL0VUYbW
JGTi65CxbCnzc/w4+mqQyvmzpWtMAzJTzAzQxNbkR2MBGySxDLrjg0LWN6sK7wNX
x0YVztz/zbIkPjfkU1jHS+9EbVNj+D1XFOJuaQIDAQABAoIBABagpxpM1aoLWfvD
KHcj10nqcoBc4oE11aFYQwik7xfW+24pRNuDE6SFthOar69jp5RlLwD1NhPx3iBl
J9nOM8OJ0VToum43UOS8YxF8WwhXriYGnc1sskbwpXOUDc9uX4+UESzH22P29ovd
d8WErY0gPxun8pbJLmxkAtWNhpMvfe0050vk9TL5wqbu9AlbssgTcCXkMQnPw9nC
YNN6DDP2lbcBrvgT9YCNL6C+ZKufD52yOQ9qOkwFTEQpjtF4uNtJom+asvlpmS8A
vLY9r60wYSvmZhNqBUrj7lyCtXMIu1kkd4w7F77k+DjHoAXyxcUp1DGL51sOmama
+TOWWgECgYEA8JtPxP0GRJ+IQkX262jM3dEIkza8ky5moIwUqYdsx0NxHgRRhORT
8c8hAuRBb2G82so8vUHk/fur85OEfc9TncnCY2crpoqsghifKLxrLgtT+qDpfZnx
SatLdt8GfQ85yA7hnWWJ2MxF3NaeSDm75Lsm+tBbAiyc9P2jGRNtMSkCgYEAypHd
HCctNi/FwjulhttFx/rHYKhLidZDFYeiE/v45bN4yFm8x7R/b0iE7KaszX+Exdvt
SghaTdcG0Knyw1bpJVyusavPzpaJMjdJ6tcFhVAbAjm7enCIvGCSx+X3l5SiWg0A
R57hJglezIiVjv3aGwHwvlZvtszK6zV6oXFAu0ECgYAbjo46T4hyP5tJi93V5HDi
Ttiek7xRVxUl+iU7rWkGAXFpMLFteQEsRr7PJ/lemmEY5eTDAFMLy9FL2m9oQWCg
R8VdwSk8r9FGLS+9aKcV5PI/WEKlwgXinB3OhYimtiG2Cg5JCqIZFHxD6MjEGOiu
L8ktHMPvodBwNsSBULpG0QKBgBAplTfC1HOnWiMGOU3KPwYWt0O6CdTkmJOmL8Ni
blh9elyZ9FsGxsgtRBXRsqXuz7wtsQAgLHxbdLq/ZJQ7YfzOKU4ZxEnabvXnvWkU
YOdjHdSOoKvDQNWu6ucyLRAWFuISeXw9a/9p7ftpxm0TSgyvmfLF2MIAEwyzRqaM
77pBAoGAMmjmIJdjp+Ez8duyn3ieo36yrttF5NSsJLAbxFpdlc1gvtGCWW+9Cq0b
dxviW8+TFVEBl1O4f7HVm6EpTscdDxU+bCXWkfjuRb7Dy9GOtt9JPsX8MBTakzh3
vBgsyi/sN3RqRBcGU40fOoZyfAMT8s1m/uYv52O6IgeuZ/ujbjY=
-----END RSA PRIVATE KEY-----

closed
bandit16@bandit:~$

Now we can save the private key as bandit17.key

Deja una respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *