posts/overthewire/bandit/level17/

[utterances-bot]

OverTheWire Bandit Level 16 -> 17 - Walkthrough - MayADevBe Blog

A walkthrough of Level 16 -> 17 of the Bandit wargame from OverTheWire. - Port and Service Scanning with Nmap and SSL repetition.

https://mayadevbe.me/posts/overthewire/bandit/level17/

[lexzee]

I have tried connecting multiple times, it is just returning 'permission denied'

[lexzee]

I am getting "error in libcrypto"

[MayADevBe]

@lexzee I'm assuming you have the private key and are trying to log into the next level? Cannot really tell without really knowing the details, what might be the issue. But if so of the top of my head these are the things you could try:

• make sure the private key is complete and does not contain any other characters (also look at 'invisible' characters like newline etc)
• try using the key either being logged in as bandit user or try it from your local machine.
• make sure the key has the right permissions I hope this helps!

[BoPann]

i used "openssl s_client -connect localhost:31790" But instead of getting a private api key I am getting "KEYUPDATE" why is this happening?

[MayADevBe]

@BoPann Check out this reddit thread: https://www.reddit.com/r/securityCTF/comments/1dnfopm/stuck_on_bandit_16_need_your_help_pliiiz/ - it seems to be your issue. It states two possible solutions, either 'echo “password from the previous level” | openssl s_client -quiet -connect localhost:port_number oropenssl s_client -ign_eof -connect . Apparently, the new password begins with a 'k', which if you look at the doc of [openssl-s_client](https://docs.openssl.org/master/man1/openssl-s_client/) is a command toSend a key update message to the server (TLSv1.3 only)`.

[BoPann]

It works! Thank you so much!

[nami-nori]

I had a question about creating the file, I'm using cygwin and I'm not really sure where I have to make the file or how. Do I make it on my windows machine or do I make it within cygwin? would it need to be a .private file or is a .txt file okay?

[MayADevBe]

@nami-nori I'm unfamiliar with cygwin, so I don't know how to do this. The file should be saved on your computer normally (how did you solve Level 14, this is similar). The only thing I found is this link: https://cygwin.com/packaging/key.html, however, no idea about the specifics, sorry.

[nami-nori]

@nami-nori I'm unfamiliar with cygwin, so I don't know how to do this. The file should be saved on your computer normally (how did you solve Level 14, this is similar). The only thing I found is this link: https://cygwin.com/packaging/key.html, however, no idea about the specifics, sorry.

Oh, that's alright! (Level 14 the file was created for me, and I did in fact just create a new file in the same way through trial and error) . I appreciate you taking the time to leave a reply and send an extra resource :) Thank you very much!

[lexzee]

@MayADevBe It appears I have been using the wrong private key all along, I works now. Thank you.

[EHilder]

For anybody getting "error in libcrypto", make sure you are copying the -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY----- portions as well, as they allow libcrypto to parse the key.