Host: venus.hackmyvm.eu
Port: 5000
User: hacker
Pass: havefun!
readme.txt
# EN
Hello hax0r,
Welcome to the HMVLab Chapter 1: Venus!
This is a CTF for beginners where you can practice your skills with Linux and CTF
so lets start! :)
First of all, the home of each user is in /pwned/USER and in it you will find a file called mission.txt which will contain
the mission to complete to get the password of the next user.
It will also contain the flagz.txt file, which if you are registered at https://hackmyvm.eu you can enter to participate in the ranking (optional).
And for a bit of improvisation, there are secret levels and hidden flags: D
You will not have write permissions in most folders so if you need to write a script or something
use /tmp folder, keep in mind that it is frequently deleted ...
And last (and not least) some users can modify the files that are in the
folder /www, these files are accessible from http://venus.hackmyvm.eu so if you get a user
that can modify the file /www/hi.txt, you can put a message and it will be reflected in http://venus.hackmyvm.eu/hi.txt.
If you have questions/ideas or want to comment us anything you can join
to our Discord: https://discord.gg/DxDFQrJ
Remember there are more people playing so be respectful.
Hack & Fun!
# ES
Hola hax0r,
Bienvenid@ al HMVLab Chapter 1: Venus!
Este es un CTF para principiantes donde podras practicar tus habilidades con Linux y los CTF
asi que vamos a trastear un poco! :)
Antes de nada, el home de cada usuario se encuentra en /pwned/USUARIO y en el encontraras un fichero llamado mission.txt el cual contendra
la mision a completar para conseguir la password del siguiente usuario.
Tambien contendra el fichero flagz.txt, que si estas registrado en https://hackmyvm.eu podras introducir para participar en el ranking (opcional).
Y para que haya un poco de improvisacion, hay niveles secretos y flags escondidas :D
No tendras permisos de escritura en la mayoria de carpetas asi que si necesitas escribir algun script o algo
usa la carpeta /tmp, ten en cuenta que es eliminada de manera frecuente...
Y por ultimo (y no menos importante) algunos usuarios pueden modificar los ficheros que estan en la
carpeta /www, estos ficheros son accesibles desde http://venus.hackmyvm.eu asi que si consigues un usuario
que pueda modificar el fichero /www/hi.txt, podras poner un mensaje y se verá reflejado en http://venus.hackmyvm.eu/hi.txt.
Si tienes dudas/ideas o quieres comentar cualquier cosa puedes unirte
a nuestro Discord: https://discord.gg/DxDFQrJ
Recuerda que hay mas gente jugando asi que se respetuoso.
Hack & Fun!
mission.txt
################
# MISSION 0x01 #
################
## EN ##
User sophia has saved her password in a hidden file in this folder. Find it and log in as sophia.
## ES ##
La usuaria sophia ha guardado su contraseña en un fichero oculto en esta carpeta.Encuentralo y logueate como sophia.
hacker@venus:~$ ls -la
total 36
drwxr-x--- 2 root hacker 4096 Apr 7 2022 .
drwxr-xr-x 55 root root 4096 Apr 7 2022 ..
-rw-r----- 1 root hacker 31 Apr 7 2022 ...
-rw-r--r-- 1 hacker hacker 220 Aug 4 2021 .bash_logout
-rw-r--r-- 1 hacker hacker 3526 Aug 4 2021 .bashrc
-rw-r----- 1 root hacker 16 Apr 7 2022 .myhiddenpazz
-rw-r--r-- 1 hacker hacker 807 Aug 4 2021 .profile
-rw-r----- 1 root hacker 287 Apr 7 2022 mission.txt
-rw-r----- 1 root hacker 2542 Apr 7 2022 readme.txt
hacker@venus:~$ cat .myhiddenpazz
Y1o645M3mR84ejc
hacker@venus:~$
hacker@venus:~$ cat .myhiddenpazz
Y1o645M3mR84ejc
hacker@venus:~$ su sophia
sophia@venus:/pwned/hacker$ cd ~
sophia@venus:~$ ls
flagz.txt mission.txt
sophia@venus:~$ cat flagz.txt
8===LUzzNuv8NB59iztWUIQS===D~~
sophia@venus:~$
mission.txt
################
# MISSION 0x02 #
################
## EN ##
The user angela has saved her password in a file but she does not remember where ... she only remembers that the file was called whereismypazz.txt
## ES ##
La usuaria angela ha guardado su password en un fichero pero no recuerda donde... solo recuerda que el fichero se llamaba whereismypazz.txt
sophia@venus:~$ find / -name "whereismypazz.txt" 2>/dev/null
/usr/share/whereismypazz.txt
sophia@venus:~$ cat /usr/share/whereismypazz.txt
oh5p9gAABugHBje
sophia@venus:~$
sophia@venus:~$ su angela
Password:
angela@venus:/pwned/sophia$ cd ~
angela@venus:~$ ls
findme.txt flagz.txt mission.txt
angela@venus:~$ cat flagz.txt
8===SjMYBmMh4bk49TKq7PM8===D~~
angela@venus:~$
mission.txt
################
# MISSION 0x03 #
################
## EN ##
The password of the user emma is in line 4069 of the file findme.txt
## ES ##
La password de la usuaria emma esta en la linea 4069 del fichero findme.txt
fIvltaGaq0OUH8O
angela@venus:~$ su emma
Password:
emma@venus:/pwned/angela$ cd ~
emma@venus:~$ ls
- flagz.txt mission.txt
emma@venus:~$ cat flagz.txt
8===0daqdDlmd9XogkiHu4yq===D~~
emma@venus:~$
missions.txt
################
# MISSION 0x04 #
################
## EN ##
User mia has left her password in the file -.
## ES ##
La usuaria mia ha dejado su password en el fichero -.
emma@venus:~$ ls
- flagz.txt mission.txt
emma@venus:~$ cat ./-
iKXIYg0pyEH2Hos
emma@venus:~$ su mia
Password:
mia@venus:/pwned/emma$ cd ~
mia@venus:~$ ls
flagz.txt mission.txt
mia@venus:~$ cat flagz.txt
8===FBMdY8hel2VMA3BaYJin===D~~
mia@venus:~$
missions.txt
################
# MISSION 0x05 #
################
## EN ##
It seems that the user camila has left her password inside a folder called hereiam
## ES ##
Parece que la usuaria camila ha dejado su password dentro de una carpeta llamada hereiam
mia@venus:~$ find / -name "hereiam" 2>/dev/null
/opt/hereiam
mia@venus:~$ cd /opt/hereiam/
mia@venus:/opt/hereiam$ ls
mia@venus:/opt/hereiam$ ls -la
total 12
drwxr-xr-x 2 root root 4096 Apr 7 2022 .
drwxr-xr-x 1 root root 4096 Apr 7 2022 ..
-rw-r--r-- 1 root root 16 Apr 7 2022 .here
mia@venus:/opt/hereiam$ cat .here
F67aDmCAAgOOaOc
mia@venus:/opt/hereiam$ su camila
Password:
camila@venus:/opt/hereiam$ cd ~
camila@venus:~$ ls
flagz.txt mission.txt muack
camila@venus:~$ cat flagz.txt
8===iDIi5sm1mDuqGmU5Psx6===D~~
camila@venus:~$
################
# MISSION 0x06 #
################
## EN ##
The user luna has left her password in a file inside the muack folder.
## ES ##
La usuaria luna ha dejado su password en algun fichero dentro de la carpeta muack.
camila@venus:~$ find ./muack/ -type f
./muack/111/111/muack
camila@venus:~$ cat ./muack/111/111/muack
j3vkuoKQwvbhkMc
camila@venus:~$ su luna
Password:
luna@venus:/pwned/camila$ cd ~
luna@venus:~$ ls
flagz.txt mission.txt
luna@venus:~$ cat flagz.txt
8===KCO34FpIq3nBmHbyZvFh===D~~
luna@venus:~$
missions.txt
################
# MISSION 0x07 #
################
## EN ##
The user eleanor has left her password in a file that occupies 6969 bytes.
## ES ##
La usuaria eleanor ha dejado su password en un fichero que ocupa 6969 bytes.
luna@venus:~$ find / -size 6969c 2>/dev/null
/usr/share/man/man1/h2xs.1.gz
/usr/share/moon.txt
luna@venus:~$ cat /usr/share/moon.txt
UNDchvln6Bmtu7b
luna@venus:~$ su eleanor
Password:
eleanor@venus:/pwned/luna$ cd ~
eleanor@venus:~$ ls
flagz.txt mission.txt
eleanor@venus:~$ cat flagz.txt
8===Iq5vbyiQl4ipNrLDArjD===D~~
eleanor@venus:~$
missions.txt
################
# MISSION 0x08 #
################
## EN ##
The user victoria has left her password in a file in which the owner is the user violin.
## ES ##
La usuaria victoria ha dejado su password en un fichero en el cual el propietario es el usuario violin.
eleanor@venus:~$ find / -user violin 2>/dev/null
/usr/local/games/yo
eleanor@venus:~$ cat /usr/local/games/yo
pz8OqvJBFxH0cSj
eleanor@venus:~$ su victoria
Password:
victoria@venus:/pwned/eleanor$ cd ~
victoria@venus:~$ ls
flagz.txt mission.txt passw0rd.zip
victoria@venus:~$ cat flagz.txt
8===NWyTFi9LLqVsZ4OnuZYN===D~~
victoria@venus:~$
missions.txt
################
# MISSION 0x09 #
################
## EN ##
The user isla has left her password in a zip file.
## ES ##
La usuaria isla ha dejado su password en un fichero zip.
victoria@venus:~$ mkdir /tmp/1/
victoria@venus:~$ ls
flagz.txt mission.txt passw0rd.zip
victoria@venus:~$ cp passw0rd.zip /tmp/1/
victoria@venus:~$ cd /tmp/1/
victoria@venus:/tmp/1$ unzip passw0rd.zip
Archive: passw0rd.zip
extracting: pwned/victoria/passw0rd.txt
victoria@venus:/tmp/1$ ls
passw0rd.zip pwned
victoria@venus:/tmp/1$ cd pwned/victoria/
victoria@venus:/tmp/1/pwned/victoria$ ls
passw0rd.txt
victoria@venus:/tmp/1/pwned/victoria$ cat passw0rd.txt
D3XTob0FUImsoBb
victoria@venus:/tmp/1/pwned/victoria$ su isla
Password:
isla@venus:/tmp/1/pwned/victoria$ cd ~
isla@venus:~$ ls
flagz.txt mission.txt passy
isla@venus:~$ cat flagz.txt
8===ZyZqc1suvGe4QlkZHFlq===D~~
isla@venus:~$
missions.txt
################
# MISSION 0x10 #
################
## EN ##
The password of the user violet is in the line that begins with a9HFX (these 5 characters are not part of her password.).
## ES ##
El password de la usuaria violet esta en la linea que empieza por a9HFX (sin ser estos 5 caracteres parte de su password.).
注 a9HFX 题干说不包含在 password 内
isla@venus:~$ cat passy | grep ^a9HFX
a9HFXWKINVzNQLKLDVAc
isla@venus:~$ su violet
Password:
violet@venus:/pwned/isla$ cd ~
violet@venus:~$ ls
end flagz.txt mission.txt
violet@venus:~$ cat flagz.txt
8===LzErk0qFPYJj16mNnnYZ===D~~
violet@venus:~$
missions.txt
################
# MISSION 0x11 #
################
## EN ##
The password of the user lucy is in the line that ends with 0JuAZ (these last 5 characters are not part of her password)
## ES ##
El password de la usuaria lucy se encuentra en la linea que acaba por 0JuAZ (sin ser estos ultimos 5 caracteres parte de su password)
注 0JuAZ 题干说不包含在 password 内
violet@venus:~$ cat end | grep 0JuAZ$
OCmMUjebG53giud0JuAZ
violet@venus:~$ ls
end flagz.txt mission.txt
violet@venus:~$ su lucy
Password:
lucy@venus:/pwned/violet$ cd ~
lucy@venus:~$ ls
file.yo flagz.txt mission.txt
lucy@venus:~$ cat flagz.txt
8===AdCJ4wl8pmbhi770Xbd3===D~~
lucy@venus:~$
missions.txt
################
# MISSION 0x12 #
################
## EN ##
The password of the user elena is between the characters fu and ck
## ES ##
El password de la usuaria elena esta entre los caracteres fu y ck
lucy@venus:~$ cat file.yo | grep ^fu.*ck$
fu4xZ5lIKYmfPLg9tck
lucy@venus:~$ su elena
Password:
elena@venus:/pwned/lucy$ cd ~
elena@venus:~$ ls
flagz.txt mission.txt
elena@venus:~$ cat flagz.txt
8===st1pTdqEQ0bvrJfWGwLA===D~~
elena@venus:~$
missions.txt
################
# MISSION 0x13 #
################
## EN ##
The user alice has her password is in an environment variable.
## ES ##
La password de alice esta en una variable de entorno.
elena@venus:~$ printenv | grep PASS
PASS=Cgecy2MY2MWbaqt
elena@venus:~$ su alice
Password:
alice@venus:/pwned/elena$ cd ~
alice@venus:~$ ls
flagz.txt mission.txt
alice@venus:~$ cat flagz.txt
8===Qj4NNWp8LOC96S9Rtgrk===D~~
alice@venus:~$
missions.txt
################
# MISSION 0x14 #
################
## EN ##
The admin has left the password of the user anna as a comment in the file passwd.
## ES ##
El admin ha dejado la password de anna como comentario en el fichero passwd.
alice@venus:~$ cat /etc/passwd | grep anna
anna:x:1015:1015::/pwned/anna:/bin/bash
alice@venus:~$ cat /etc/passwd | grep alice
alice:x:1014:1014:w8NvY27qkpdePox:/pwned/alice:/bin/bash
alice@venus:~$ su anna
Password:
anna@venus:/pwned/alice$ cd ~
anna@venus:~$ ls
flagz.txt mission.txt
anna@venus:~$ cat flagz.txt
8===5Y3DhT66fa6Da8RpLKG0===D~~
anna@venus:~$
missions.txt
################
# MISSION 0x15 #
################
## EN ##
Maybe sudo can help you to be natalia.
## ES ##
Puede que sudo te ayude para ser natalia.
anna@venus:~$ sudo -u natalia /bin/bash
natalia@venus:/pwned/anna$ cd ~
natalia@venus:~$ ls
base64.txt flagz.txt mission.txt nataliapass.txt
natalia@venus:~$ cat flagz.txt
8===JWHa1GQq1AYrBWNXEJrH===D~~
natalia@venus:~$
missions.txt
################
# MISSION 0x16 #
################
## EN ##
The password of user eva is encoded in the base64.txt file
## ES ##
El password de eva esta encodeado en el fichero base64.txt
cat base64.txt
dXBzQ0EzVUZ1MTBmREFPCg==
Encode : dXBzQ0EzVUZ1MTBmREFPCg==
Decode : upsCA3UFu10fDAO
natalia@venus:~$ su eva
Password:
eva@venus:/pwned/natalia$ cd ~
eva@venus:~$ ls
flagz.txt mission.txt
eva@venus:~$ cat flagz.txt
8===22cqk3iGkGYVqnYrHiof===D~~
eva@venus:~$
missions.txt
################
# MISSION 0x17 #
################
## EN ##
The password of the clara user is found in a file modified on May 1, 1968.
## ES ##
La password de la usuaria clara se encuentra en un fichero modificado el 01 de Mayo de 1968.
eva@venus:~$ find / -type f ! -newermt 1970-01-02 -ls 2>/dev/null
403708 4 -rw-r--r-- 1 root root 16 Jan 1 1970 /usr/lib/cmdo
eva@venus:~$ cat /usr/lib/cmdo
39YziWp5gSvgQN9
eva@venus:~$ su clara
Password:
clara@venus:/pwned/hacker$ cd ~
clara@venus:~$ ls
flagz.txt mission.txt protected.zip
clara@venus:~$ cat flagz.txt
8===EJWmHDEQeEN1vIR7NYiH===D~~
clara@venus:~$
missions.txt
################
# MISSION 0x18 #
################
## EN ##
The password of user frida is in the password-protected zip (rockyou.txt can help you)
## ES ##
La password de frida esta en el zip protegido con password.(rockyou.txt puede ayudarte)
└─$ sftp -P 5000 clara@venus.hackmyvm.eu
└─$ 39YziWp5gSvgQN9
clara@venus.hackmyvm.eu's password:
Connected to venus.hackmyvm.eu.
sftp> ls
flagz.txt mission.txt protected.zip
sftp> get protected.zip
Fetching /pwned/clara/protected.zip to protected.zip
/pwned/clara/protected.zip 100% 244 0.6KB/s 00:00
JohnTheRipper
└─$ zip2john protected.zip > hash.txt
└─$ john --format=PKZIP --wordlist=/usr/share/wordlists/rockyou.txt hash.txt
Using default input encoding: UTF-8
Loaded 1 password hash (PKZIP [32/64])
Will run 4 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
pass123 (protected.zip/pwned/clara/protected.txt)
1g 0:00:00:00 DONE (2022-11-20 12:46) 100.0g/s 819200p/s 819200c/s 819200C/s 123456..whitetiger
Use the "--show" option to display all of the cracked passwords reliably
Session completed.
└─$ unzip protected.zip
Archive: protected.zip
[protected.zip] pwned/clara/protected.txt password:
replace pwned/clara/protected.txt? [y]es, [n]o, [A]ll, [N]one, [r]ename: yes
extracting: pwned/clara/protected.txt
└─$ cd pwned/clara
└─$ cat protected.txt
Ed4ErEUJEaMcXli
clara@venus:~$ su frida
Password:
frida@venus:/pwned/clara$ cd ~
frida@venus:~$ cat flagz.txt
8===Ikg2qj8KT2bGJtWvR6hC===D~~
frida@venus:~$
missions.txt
################
# MISSION 0x19 #
################
## EN ##
The password of eliza is the only string that is repeated (unsorted) in repeated.txt.
## ES ##
La password de eliza es el unico string que se repite (sin estar ordenado) en repeated.txt.
frida@venus:~$ uniq -d repeated.txt
Fg6b6aoksceQqB9
frida@venus:~$ su eliza
Password:
eliza@venus:/pwned/frida$ cd ~
eliza@venus:~$ ls
flagz.txt mission.txt
eliza@venus:~$ cat flagz.txt
8===zwWIPyDf2ozwVhCTxm1I===D~~
eliza@venus:~$
uniq -d testfile 删重
missions.txt
################
# MISSION 0x20 #
################
## EN ##
The user iris has left me her key.
## ES ##
La usuaria iris me ha dejado su key.
eliza@venus:~$ ls -a
. .. .bash_logout .bashrc .iris_key .profile flagz.txt mission.txt
eliza@venus:~$ ls -la
total 36
drwxr-x--- 2 root eliza 4096 Apr 7 2022 .
drwxr-xr-x 1 root root 4096 Apr 7 2022 ..
-rw-r--r-- 1 eliza eliza 220 Aug 4 2021 .bash_logout
-rw-r--r-- 1 eliza eliza 3526 Aug 4 2021 .bashrc
-rw-r----- 1 root eliza 2602 Apr 7 2022 .iris_key
-rw-r--r-- 1 eliza eliza 807 Aug 4 2021 .profile
-rw-r----- 1 root eliza 31 Apr 7 2022 flagz.txt
-rw-r----- 1 root eliza 143 Apr 7 2022 mission.txt
eliza@venus:~$
[-i identity_file]
eliza@venus:~$ ssh -i .iris_key iris@localhost
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:ARNXOhO4Aisq1Dv96z2ZNk96a8qycr+JIljSMY+JBe8.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
iris@venus:~$ ls
eloise flagz.txt irispass.txt mission.txt
iris@venus:~$ cat flagz.txt
8===ClrdWOqlZ1vL61zSk9Va===D~~
iris@venus:~$
missions.txt
################
# MISSION 0x21 #
################
## EN ##
User eloise has saved her password in a particular way.
## ES ##
La usuaria eloise ha guardado su password de una forma particular.
iris@venus:~$ cat eloise
/9j/4AAQSkZJRgABAQEAYABgA......CiiigAooooAKKKKAP/9k=
方法一:
└─$ cat eloise | base64 -d > eloise.pdf
方法二:
CTF 常见的 base64 转图
https://tool.jisuapi.com/base642pic.html
yOUJlV0SHOnbSPm
iris@venus:~$ su eloise
Password:
eloise@venus:/pwned/iris$ cd ~
eloise@venus:~$ ls
flagz.txt hi mission.txt
eloise@venus:~$ cat flagz.txt
8===57CzBLKaEq2N8YBFRu31===D~~
eloise@venus:~$
missions.txt
################
# MISSION 0x22 #
################
## EN ##
User lucia has been creative in saving her password.
## ES ##
La usuaria lucia ha sido creativa en la forma de guardar su password.
CTF 中分析文件时,经常会看到这样的 16 进制
eloise@venus:~$ cat hi
00000000: 7576 4d77 4644 5172 5157 504d 6547 500a
eloise@venus:~$ cat hi | xxd -r
uvMwFDQrQWPMeGP
eloise@venus:~$ su lucia
Password:
lucia@venus:/pwned/eloise$ cd ~
lucia@venus:~$ ls
dict.txt flagz.txt mission.txt
lucia@venus:~$ cat flagz.txt
8===5Sr2pqeVTmn8RaaPmTPE===D~~
lucia@venus:~$
missions.txt
################
# MISSION 0x23 #
################
## EN ##
The user isabel has left her password in a file in the /etc/xdg folder but she does not remember the name, however she has dict.txt that can help her to remember.
## ES ##
La usuaria isabel ha dejado su password en un fichero en la carpeta /etc/xdg pero no recuerda el nombre, sin embargo tiene dict.txt que puede ayudarle a recordar.
lucia@venus:~$ while IFS= read -r line; do cat /etc/xdg/$line; done < dict.txt 2>/dev/null
H5ol8Z2mrRsorC0
lucia@venus:~$ su isabel
Password:
isabel@venus:/pwned/lucia$ cd ~
isabel@venus:~$ ls
different.txt flagz.txt mission.txt
isabel@venus:~$ cat flagz.txt
8===Md2CU83GtVfouhm9U0AS===D~~
isabel@venus:~$
missions.txt
################
# MISSION 0x24 #
################
## EN ##
The password of the user freya is the only string that is not repeated in different.txt
## ES ##
La password de la usuaria freya es el unico string que no se repite en different.txt
isabel@venus:~$ uniq -u different.txt
EEDyYFDwYsmYawj
isabel@venus:~$ su freya
Password:
freya@venus:/pwned/isabel$ cd ~
freya@venus:~$ cat flagz.txt
8===m1rRSv2pdm3sBGmgidul===D~~
freya@venus:~$
1.User sophia has saved her password in a hidden file in this folder. Find it and log in as sophia.
> ls -la
2.The user angela has saved her password in a file but she does not remember where ... she only remembers that the file was called whereismypazz.txt
> find / -name "whereismypazz.txt" 2>/dev/null
3.The password of the user emma is in line 4069 of the file findme.txt
> vim findme.txt
4.User mia has left her password in the file -.
> cat ./-
5.It seems that the user camila has left her password inside a folder called hereiam
> find / -name "hereiam" 2>/dev/null
6.The user luna has left her password in a file inside the muack folder.
> find ./muack/ -type f
7.The user eleanor has left her password in a file that occupies 6969 bytes.
> find / -size 6969c 2>/dev/null
8.The user victoria has left her password in a file in which the owner is the user violin.
> find / -user violin 2>/dev/null
9.The user isla has left her password in a zip file.
> cp passw0rd.zip /tmp/1/
> cd /tmp/1/
> unzip passw0rd.zip
10.The password of the user violet is in the line that begins with a9HFX (these 5 characters are not part of her password.).
> cat passy | grep ^a9HFX
11.The password of the user lucy is in the line that ends with 0JuAZ (these last 5 characters are not part of her password)
> cat end | grep 0JuAZ$
12.The password of the user elena is between the characters fu and ck
> cat file.yo | grep ^fu.*ck$
13.The user alice has her password is in an environment variable.
> printenv | grep PASS
14.The admin has left the password of the user anna as a comment in the file passwd.
> cat /etc/passwd | grep anna
15.Maybe sudo can help you to be natalia.
> sudo -u natalia /bin/bash
16.The password of user eva is encoded in the base64.txt file
> cat base64.txt
dXBzQ0EzVUZ1MTBmREFPCg==
17.The password of the clara user is found in a file modified on May 1, 1968.
> find / -type f ! -newermt 1970-01-02 -ls 2>/dev/null
18.The password of user frida is in the password-protected zip (rockyou.txt can help you)
└─$ sftp -P 5000 clara@venus.hackmyvm.eu
sftp> ls
sftp> get protected.zip
└─$ zip2john protected.zip > hash.txt
└─$ john --format=PKZIP --wordlist=/usr/share/wordlists/rockyou.txt hash.txt
└─$ unzip protected.zip
19.The password of eliza is the only string that is repeated (unsorted) in repeated.txt.
> uniq -d repeated.txt
20.The user iris has left me her key.
> ssh -i .iris_key iris@localhost
21.User eloise has saved her password in a particular way.
> cat eloise | base64 -d > eloise.pdf
22.User lucia has been creative in saving her password.
> cat hi | xxd -r
23.The user isabel has left her password in a file in the /etc/xdg folder but she does not remember the name, however she has dict.txt that can help her to remember.
> while IFS= read -r line; do cat /etc/xdg/$line; done < dict.txt 2>/dev/null
24.The password of the user freya is the only string that is not repeated in different.txt
> uniq -u different.txt