You will encounter many situations in which you have no idea what you are supposed to do. Don’t panic! Don’t give up! The purpose of this game is for you to learn the basics. Part of learning the basics, is reading a lot of new information.
The goal of this level is for you to log into the game using SSH. The host to which you need to connect is bandit.labs.overthewire.org, on port 2220. The username is bandit0 and the password is bandit0. Once logged in, go to the Level 1 page to find out how to beat Level 1.
ssh [email protected] -p 2220
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames
[email protected]'s password:
Linux bandit 4.18.12 x86_64 GNU/Linux
,----.. ,----, .---.
/ / \ ,/ .`| /. ./|
/ . : ,` .' : .--'. ' ;
. / ;. \ ; ; / /__./ \ : |
. ; / ` ; .'___,/ ,' .--'. ' \' .
; | ; \ ; | | : | /___/ \ | ' '
| : | ; | ' ; |.'; ; ; \ \; :
. | ' ' ' : `----' | | \ ; ` |
' ; \; / | ' : ; . \ .\ ;
\ \ ', / | | ' \ \ ' \ |
; : / ' : | : ' |--"
\ \ .' ; |.' \ \ ;
www. `---` ver '---' he '---" ire.org
Welcome to OverTheWire!
If you find any problems, please report them to Steven or morla on
irc.overthewire.org.
--[ Playing the games ]--
This machine might hold several wargames.
If you are playing "somegame", then:
* USERNAMES are somegame0, somegame1, ...
* Most LEVELS are stored in /somegame/.
* PASSWORDS for each level are stored in /etc/somegame_pass/.
Write-access to homedirectories is disabled. It is advised to create a
working directory with a hard-to-guess name in /tmp/. You can use the
command "mktemp -d" in order to generate a random and hard to guess
directory in /tmp/. Read-access to both /tmp/ and /proc/ is disabled
so that users can not snoop on eachother. Files and directories with
easily guessable or short names will be periodically deleted!
Please play nice:
* don't leave orphan processes running
* don't leave exploit-files laying around
* don't annoy other players
* don't post passwords or spoilers
* again, DONT POST SPOILERS!
This includes writeups of your solution on your blog or website!
--[ Tips ]--
This machine has a 64bit processor and many security-features enabled
by default, although ASLR has been switched off. The following
compiler flags might be interesting:
-m32 compile for 32bit
-fno-stack-protector disable ProPolice
-Wl,-z,norelro disable relro
In addition, the execstack tool can be used to flag the stack as
executable on ELF binaries.
Finally, network-access is limited for most levels by a local
firewall.
--[ Tools ]--
For your convenience we have installed a few usefull tools which you can find
in the following locations:
* pwndbg (https://github.com/pwndbg/pwndbg) in /usr/local/pwndbg/
* peda (https://github.com/longld/peda.git) in /usr/local/peda/
* gdbinit (https://github.com/gdbinit/Gdbinit) in /usr/local/gdbinit/
* pwntools (https://github.com/Gallopsled/pwntools)
* radare2 (http://www.radare.org/)
* checksec.sh (http://www.trapkit.de/tools/checksec.html) in /usr/local/bin/checksec.sh
--[ More information ]--
For more information regarding individual wargames, visit
http://www.overthewire.org/wargames/
For support, questions or comments, contact us through IRC on
irc.overthewire.org #wargames.
Enjoy your stay!
The password for the next level is stored in a file called readme located in the home directory. Use this password to log into bandit1 using SSH. Whenever you find a password for a level, use SSH (on port 2220) to log into that level and continue the game.
cat readme
Password: boJ9jbbUNNfktd78OOpsqOltutMc3MY1
The password for the next level is stored in a file called - located in the home directory.
cat ./-
Password: CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9
The password for the next level is stored in a file called spaces in this filename located in the home directory.
cat spaces/ in/ this/ filename
Password: UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK
The password for the next level is stored in a hidden file in the inhere directory.
ls
cd inhere
ls -al
cat ./.hidden
Password: pIwrPrtPN36QITSp3EQaw936yaFoFgAB
The password for the next level is stored in the only human-readable file in the inhere directory. Tip: if your terminal is messed up, try the “reset” command.
array=('-file00' '-file01' '-file02' '-file03' '-file04' '-file05' '-file06' '-file07' '-file08' '-file09')
for item in ${array[*]}
do
cat ./$item
printf "\n"
done
Password: koReBOKuIDDepwhWk7jZC0RTdopnAYKh
The password for the next level is stored in a file somewhere under the inhere directory and has all of the following properties: human-readable 1033 bytes in size not executable
file . -type f -size 1033c ! -executable -exec file {}+ | grep ASCII
cat ./maybehere07/.file2
Password: DXjZPULLxYr17uwoI01bNLQbtFemEgo7
The password for the next level is stored in the file data.txt next to the word millionth.
grep 'millionth' data.txt
Password: cvX2JJa4CFALtqS87jk27qwqGhBM9plV
The password for the next level is stored in the file data.txt and is the only line of text that occurs only once.
The password for the next level is stored somewhere on the server and has all of the following properties:
owned by user bandit7 owned by group bandit6 33 bytes in size
file / -size 33c -user bandit7 -group bandit6 2>/dev/null
cat var/lib/dpkg/info/bandit7.password
Password: HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs
The password for the next level is stored in the file data.txt next to the word millionth
grep 'millionth' data.txt
Password: cvX2JJa4CFALtqS87jk27qwqGhBM9plV
The password for the next level is stored in the file data.txt and is the only line of text that occurs only once.
sort data.txt | uniq -c
Password: UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR
The password for the next level is stored in the file data.txt in one of the few human-readable strings, beginning with several ‘=’ characters.
strings -a data.txt
MBB
`B6ha
nK)U2u
&y@@2
5Lo%
ru@n
D}U'
e#s.
!:/%p
*'dZ
bgM>H
M0d>uG
G@?>
"a`*
38zT
`mNg H
:U[,
c?Vh
CEhL5d
2========== the
r,!l
FMQ]2
Sf2
5iu^B
#e1[u
k+0dbun
h.TF
>V I
Zaf3
OWj6
GY E
,ebr
i$Vh
CL}0Vx<M6
mB#L
S%T{`G
LUu]\
`r $C
xL4%
!AwV
@T.a-
6NJ~
<E:C{{
!|#D
8kk#A
Ju:5s-~
{vbT
1mBO
^VS'
oFP/;l
*m&-
Q"7d
`THN
GI5M
!(Yl
G\@P
h2aO
XvMTP
Hm["V
|,ZO
n1p A
TE[S
3EQi
)'0U
a;0\
az|Y+
w]Ov
`4F<N
t8lHX u
W.uO7
i$2w
epg~
i^eE
========== password
NHGu
5xhH
|f;P]!
~5&:
oc8,`:
>t= yP
rV~dHm=
];,I
tw3y
[[N#
xo?C
h\h<M
&B&l
DgdJ
c _<9>D
Igzz
//Jr
:DLq
qEk9s
ci`2
c([t
y>?+
jgF5X
T}~_Z]
========== isa
P-+i
$OGu
Ez&.
3 5w
"k"}
yA1H]W
@m>[
fhul
&%I{
g0?W;
SXEO
Q,9_
$!T1
Z:rU
m$jJ
oM\U
g%tq_
"dPy~
ox:z
X9H]*x]
S2Fx
5Vmgn
hP}"
e&/R
czdy
h;W
g[W%
=FQ?P\U
#u& ZQ~f
.r@v
H.yKk
\3;W
oZ_N
U4@v
IOG+
"{q<
= F[
2YkI!
wt2N
-q}u
5eQP
snn`*
"T?X^
D2HM
H0&t.
$Y)&wA Y
D%t`
\<Nj
\Zo\h]
'NL}B
* +ta
Fj~%E
5m*rU?w[
BE3K
]o#s
i_9r
0L&,
HfA0
<h%7
9Mz;
|NJP
pb=x
AAbd<
\+pW
n_'h
f^<-KJ
J;m=
#&Op
\u~#
nd19
o?Mwf
m\uG
Z7 IS|
FN+r
4FS;
lj/f
d3hM
)/<PO
$O@]
qbvT
vXib
]Knt
:m;r
w: vC
>{Tz
pT{%5
tYrQT(
dsTaFp
lI_z
UoUf
5{0+
Xj/^
cT>ZHE
6G5L
F2wrB
m14g
{82AX
7k6
~$0bDWT
@Mgk
:uy
`'8u
!"Di
I#8B
+"aH
?L'[i!#S
!H>k0J
0l`c
kH )
=)$=
}mOU
[_g25
72\P
xQf]
7li&
========== truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk
ypi*
lTq;
UqUY`
d&lk
wU5
iv8!=
fBBB
^$a?
,FAl
5M_8
RcJ h
*JI;
mzy8s#
8("Ym
W 3C
c0@L<.
yP1g
?9Xc6
VkcO
ZI -^ip
*t[z
{d2~
q7 u@
J@&C
JI9J
+TuBy
^ek$
K8P77f+
"1oq
Nd^*<
((97
47M<}
&~Zd
Sh+b
8a?E
+vex1]
Y(Zs
Cl/(;
{4x
Password: truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk
The password for the next level is stored in the file data.txt, which contains base64 encoded data.
base64 -d data.txt
The password is IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR
Password: IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR
The password for the next level is stored in the file data.txt, where all lowercase (a-z) and uppercase (A-Z) letters have been rotated by 13 positions.
cat data.txt | tr 'a-zA-Z' n-za-mN-ZA-M'
Password: 5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu
The password for the next level is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it may be useful to create a directory under /tmp in which you can work using mkdir. For example: mkdir /tmp/myname123. Then copy the datafile using cp, and rename it using mv (read the manpages!)
#### Solution:
gzip data2.bin
bandit12@bandit:/tmp/arihant$ ls
data2.bin.gz data.txt
bandit12@bandit:/tmp/arihant$ file data2.bin.gz
data2.bin.gz: gzip compressed data, was "data2.bin", last modified: Sun Jan 13 19:04:03 2019, from Unix
bandit12@bandit:/tmp/arihant$ gzip -d data2.bin.gz
bandit12@bandit:/tmp/arihant$ ls
data2.bin data.txt
bandit12@bandit:/tmp/arihant$
bandit12@bandit:/tmp/arihant$ zcat data2.bin | file -
/dev/stdin: bzip2 compressed data, block size = 900k
bandit12@bandit:/tmp/arihant$ ls
data2.bin data.txt
bandit12@bandit:/tmp/arihant$ zcat data2.bin | bzcat | file -
/dev/stdin: gzip compressed data, was "data4.bin", last modified: Tue Oct 16 12:00:23 2018, max compression, from Unix
bandit12@bandit:/tmp/arihant$ zcat data2.bin | bzcat | zcat | file -
/dev/stdin: POSIX tar archive (GNU)
bandit12@bandit:/tmp/arihant$ zcat data2.bin | bzcat | zcat | tar | file -
tar: You must specify one of the '-Acdtrux', '--delete' or '--test-label' options
Try 'tar --help' or 'tar --usage' for more information.
/dev/stdin: empty
bandit12@bandit:/tmp/arihant$ zcat data2.bin | bzcat | zcat | tar x0 | file -
tar: Options '-[0-7][lmh]' not supported by *this* tar
Try 'tar --help' or 'tar --usage' for more information.
/dev/stdin: empty
bandit12@bandit:/tmp/arihant$ ls
data2.bin data.txt
bandit12@bandit:/tmp/arihant$ zcat data2.bin | bzcat | zcat | tar xO | file -
/dev/stdin: POSIX tar archive (GNU)
bandit12@bandit:/tmp/arihant$ zcat data2.bin | bzcat | zcat | tar xO | tar xO | file -
/dev/stdin: bzip2 compressed data, block size = 900k
bandit12@bandit:/tmp/arihant$ zcat data2.bin | bzcat | zcat | tar xO | tar xO | bzcat | file -
/dev/stdin: POSIX tar archive (GNU)
bandit12@bandit:/tmp/arihant$ zcat data2.bin | bzcat | zcat | tar xO | tar xO | bzcat | tar xO | file -
/dev/stdin: gzip compressed data, was "data9.bin", last modified: Tue Oct 16 12:00:23 2018, max compression, from Unix
bandit12@bandit:/tmp/arihant$ zcat data2.bin | bzcat | zcat | tar xO | tar xO | bzcat | tar xO | zcat | file -
/dev/stdin: ASCII text
bandit12@bandit:/tmp/arihant$ ls
data2.bin data.txt
bandit12@bandit:/tmp/arihant$ zcat data2.bin | bzcat | zcat | tar xO | tar xO | bzcat | tar xO | zcat
The password is 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL
Password: 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL
The password for the next level is stored in /etc/bandit_pass/bandit14 and can only be read by user bandit14. For this level, you don’t get the next password, but you get a private SSH key that can be used to log into the next level. Note: localhost is a hostname that refers to the machine you are working on.
cat sshkey.private
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAxkkOE83W2cOT7IWhFc9aPaaQmQDdgzuXCv+ppZHa++buSkN+
gg0tcr7Fw8NLGa5+Uzec2rEg0WmeevB13AIoYp0MZyETq46t+jk9puNwZwIt9XgB
ZufGtZEwWbFWw/vVLNwOXBe4UWStGRWzgPpEeSv5Tb1VjLZIBdGphTIK22Amz6Zb
ThMsiMnyJafEwJ/T8PQO3myS91vUHEuoOMAzoUID4kN0MEZ3+XahyK0HJVq68KsV
ObefXG1vvA3GAJ29kxJaqvRfgYnqZryWN7w3CHjNU4c/2Jkp+n8L0SnxaNA+WYA7
jiPyTF0is8uzMlYQ4l1Lzh/8/MpvhCQF8r22dwIDAQABAoIBAQC6dWBjhyEOzjeA
J3j/RWmap9M5zfJ/wb2bfidNpwbB8rsJ4sZIDZQ7XuIh4LfygoAQSS+bBw3RXvzE
pvJt3SmU8hIDuLsCjL1VnBY5pY7Bju8g8aR/3FyjyNAqx/TLfzlLYfOu7i9Jet67
xAh0tONG/u8FB5I3LAI2Vp6OviwvdWeC4nOxCthldpuPKNLA8rmMMVRTKQ+7T2VS
nXmwYckKUcUgzoVSpiNZaS0zUDypdpy2+tRH3MQa5kqN1YKjvF8RC47woOYCktsD
o3FFpGNFec9Taa3Msy+DfQQhHKZFKIL3bJDONtmrVvtYK40/yeU4aZ/HA2DQzwhe
ol1AfiEhAoGBAOnVjosBkm7sblK+n4IEwPxs8sOmhPnTDUy5WGrpSCrXOmsVIBUf
laL3ZGLx3xCIwtCnEucB9DvN2HZkupc/h6hTKUYLqXuyLD8njTrbRhLgbC9QrKrS
M1F2fSTxVqPtZDlDMwjNR04xHA/fKh8bXXyTMqOHNJTHHNhbh3McdURjAoGBANkU
1hqfnw7+aXncJ9bjysr1ZWbqOE5Nd8AFgfwaKuGTTVX2NsUQnCMWdOp+wFak40JH
PKWkJNdBG+ex0H9JNQsTK3X5PBMAS8AfX0GrKeuwKWA6erytVTqjOfLYcdp5+z9s
8DtVCxDuVsM+i4X8UqIGOlvGbtKEVokHPFXP1q/dAoGAcHg5YX7WEehCgCYTzpO+
xysX8ScM2qS6xuZ3MqUWAxUWkh7NGZvhe0sGy9iOdANzwKw7mUUFViaCMR/t54W1
GC83sOs3D7n5Mj8x3NdO8xFit7dT9a245TvaoYQ7KgmqpSg/ScKCw4c3eiLava+J
3btnJeSIU+8ZXq9XjPRpKwUCgYA7z6LiOQKxNeXH3qHXcnHok855maUj5fJNpPbY
iDkyZ8ySF8GlcFsky8Yw6fWCqfG3zDrohJ5l9JmEsBh7SadkwsZhvecQcS9t4vby
9/8X4jS0P8ibfcKS4nBP+dT81kkkg5Z5MohXBORA7VWx+ACohcDEkprsQ+w32xeD
qT1EvQKBgQDKm8ws2ByvSUVs9GjTilCajFqLJ0eVYzRPaY6f++Gv/UVfAPV4c+S0
kAWpXbv5tbkkzbS0eaLPTKgLzavXtQoTtKwrjpolHKIHUz6Wu+n4abfAIRFubOdN
/+aLoRQ0yBDRbdXMsZN/jvY44eM+xRLdRVyMmdPtP8belRi2E2aEzA==
-----END RSA PRIVATE KEY-----
vim sshkey.private.txt .
chmod 600 sshkey.private.txt
ssh -i sshkey.private.txt [email protected] -p 2220
Broadcast message from root@bandit (pts/24) (Sun Jan 13 20:19:24 2019):
sorry, smal reboot coming up.
no time no time letz do some crime
happy whatever day it is
cheers
morla
Broadcast message from root@bandit (pts/24) (Sun Jan 13 20:20:18 2019):
The system is going DOWN for reboot in 10 minutes!
Broadcast message from root@bandit (pts/24) (Sun Jan 13 20:21:18 2019):
The system is going DOWN for reboot in 9 minutes!
Broadcast message from root@bandit (pts/24) (Sun Jan 13 20:22:18 2019):
The system is going DOWN for reboot in 8 minutes!
Broadcast message from root@bandit (pts/24) (Sun Jan 13 20:23:18 2019):
The system is going DOWN for reboot in 7 minutes!
ls -al
total 24
The password for the next level can be retrieved by submitting the password of the current level to port 30000 on localhost.
login to bandit14
cat /etc/bandit_pass/bandit14
Password: 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
cat /etc/bandit_pass/bandit14 | nc localhost 30000
Password: BfMYroe26WYalil77FoDi9qh59eK5xNr
The password for the next level can be retrieved by submitting the password of the current level to port 30001 on localhost using SSL encryption.
Helpful note: Getting “HEARTBEATING” and “Read R BLOCK”? Use -ign_eof and read the “CONNECTED COMMANDS” section in the manpage. Next to ‘R’ and ‘Q’, the ‘B’ command also works in this version of that command…
echo "BfMYroe26WYalil77FoDi9qh59eK5xNr" | openssl s_client -connect localhost:30001 -ign_eof
CONNECTED(00000003)
depth=0 CN = localhost
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = localhost
verify return:1
---
Certificate chain
0 s:/CN=localhost
i:/CN=localhost
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICBjCCAW+gAwIBAgIENHv1njANBgkqhkiG9w0BAQUFADAUMRIwEAYDVQQDDAls
b2NhbGhvc3QwHhcNMTkwMTEzMTkzNDMwWhcNMjAwMTEzMTkzNDMwWjAUMRIwEAYD
VQQDDAlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALOkCuqD
hi2X8nQ1Fu/p2hHx+3SeORNWt76H7Q/Wr8ZYapwViACu7h/d+Gn1Z4/1ZVN5Ukz3
fiS7UiA73eJg2iLo9rXzPw01hVB+IA4RtSTBmsUm7vwIgNDv5RsrYLl6JCGaZ+ns
/z5ihBHILWT3zvLyAn98HUiVAjAahiuwBtHxAgMBAAGjZTBjMBQGA1UdEQQNMAuC
CWxvY2FsaG9zdDBLBglghkgBhvhCAQ0EPhY8QXV0b21hdGljYWxseSBnZW5lcmF0
ZWQgYnkgTmNhdC4gU2VlIGh0dHBzOi8vbm1hcC5vcmcvbmNhdC8uMA0GCSqGSIb3
DQEBBQUAA4GBABiUJgikW8Ig5kuqkB3VCZiACRm5bsC4T5EH531RtzDi6Yywnqm3
xDbfWzLIoWpVq2U2pViIVsPmQ6nGjASQSlQhxsg9kZBaqYB26AcgrmbVIruywtij
JXvZkb10yrXeqtfK5bO8+kILa8XSBVbIXQ55Cn4HiHE7NtDZBOLBTl2/
-----END CERTIFICATE-----
subject=/CN=localhost
issuer=/CN=localhost
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 1019 bytes and written 269 bytes
Verification error: self signed certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: CD5198D92457BF75F87A0C0EAEF998DEA63F5AB78C0120DEF334AC278316D6DD
Session-ID-ctx:
Master-Key: 64355AB9924363EF440CCE6C80B54FAA34982B835B2B12FA37ACFE1822FEE578565DBAED62F19A00D63BD8C5A94D2E6A
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
0000 - 32 a4 5b 29 4b c8 06 db-a5 7e c7 95 4f fd c4 c1 2.[)K....~..O...
0010 - 55 37 e5 5c a1 91 ba 50-7b 12 f4 5d e4 3a 9d 10 U7.\...P{..].:..
0020 - 08 5e 80 e3 cc 64 8d e1-d9 16 25 84 53 35 cd 70 .^...d....%.S5.p
0030 - ea 9e a4 33 8b c6 6e 5e-4c b9 2f 9b 61 a0 01 d4 ...3..n^L./.a...
0040 - 1a d8 3d f5 d0 e8 9a 3c-0a 97 19 8e 19 2f ae a3 ..=....<...../..
0050 - 40 56 a7 ed 8e 54 ec 1e-e7 83 32 1e 2e cc 4b 15 @V...T....2...K.
0060 - 91 c3 c8 d7 f3 fd 54 75-31 9a 6f e1 9a 6c 4a 04 ......Tu1.o..lJ.
0070 - b8 1f 29 67 5b 2e 0e 09-7e 1a ab 39 8f 96 2e 11 ..)g[...~..9....
0080 - 45 e0 8b a0 7e bb 79 38-89 ef c1 84 de 0c a4 91 E...~.y8........
0090 - 41 77 0a c1 e8 c0 4f 28-75 c0 58 c2 ac 6c 0a 82 Aw....O(u.X..l..
Start Time: 1547411700
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
Extended master secret: yes
---
Correct!
cluFn7wTiGryunymYOu4RcffSxQluehd
closed
Password: cluFn7wTiGryunymYOu4RcffSxQluehd
The credentials for the next level can be retrieved by submitting the password of the current level to a port on localhost in the range 31000 to 32000. First find out which of these ports have a server listening on them. Then find out which of those speak SSL and which don’t. There is only 1 server that will give the next credentials, the others will simply send back to you whatever you send to it.
bandit16@bandit:~$ nc -zv localhost 31000-32000
localhost [127.0.0.1] 31960 (?) open
localhost [127.0.0.1] 31790 (?) open
localhost [127.0.0.1] 31518 (?) open
bandit16@bandit:~$ for i in 31960 31790 31518
> do
> echo "cluFn7wTiGryunymYOu4RcffSxQluehd" | openssl s_client -connect localhost:$i -ign_eof
> done
CONNECTED(00000003)
140055921763584:error:141A10F4:SSL routines:ossl_statem_client_read_transition:unexpected message:../ssl/statem/statem_clnt.c:269:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 176 bytes and written 183 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1547723067
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---
CONNECTED(00000003)
depth=0 CN = localhost
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = localhost
verify return:1
---
Certificate chain
0 s:/CN=localhost
i:/CN=localhost
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICBjCCAW+gAwIBAgIELHlSDDANBgkqhkiG9w0BAQUFADAUMRIwEAYDVQQDDAls
b2NhbGhvc3QwHhcNMTkwMTEzMTkzNDMwWhcNMjAwMTEzMTkzNDMwWjAUMRIwEAYD
VQQDDAlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ4UdWRN
ZmKD+47wp9PM6kCsCLM6u3WD1ByGlnJn3HeILlCxId2oaklGkOx/BzYcX8m0U+wU
XrC8/lC0o1YHfgfCaVht4ubhmrlD4iUnY7pABtIsrIdLgz/Ee54121GG2+ZZfmpq
mMytFoWyHSQUNFtavUMPYkzNCI8FO7GiLIZrAgMBAAGjZTBjMBQGA1UdEQQNMAuC
CWxvY2FsaG9zdDBLBglghkgBhvhCAQ0EPhY8QXV0b21hdGljYWxseSBnZW5lcmF0
ZWQgYnkgTmNhdC4gU2VlIGh0dHBzOi8vbm1hcC5vcmcvbmNhdC8uMA0GCSqGSIb3
DQEBBQUAA4GBAEtU/dx2IFDG7q3IcOmYkrvzHlmUKMXPiQqJgim/nzAo89is3A2B
S9+oWaaCX+Z5Hz97h7nJNFQHTjpoKKP0wS7ZqdpXFXFOVa4rD12hPEebqE/fCPiC
bOoJkI78ZtUg3fbal8XPHyQK4QcOfgfVAIjSgoUfiNJYQz+0Yqh6EMEp
-----END CERTIFICATE-----
subject=/CN=localhost
issuer=/CN=localhost
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 1019 bytes and written 269 bytes
Verification error: self signed certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: EE1D74BAEEE8311D28E2813FB8615BA0F43F2DF1B786E7E2F4CFED3571F28E03
Session-ID-ctx:
Master-Key: 8C5826005BC990D59B05A28FB87E2F801668FC24A351C8913E0647817939F3667FAB0D532A8B0EAB94E18CD282A41010
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
0000 - fe 2e da f4 cd cd e9 23-46 73 02 6e ca e6 93 3a .......#Fs.n...:
0010 - f5 38 98 c2 9f 4a 10 3f-59 19 aa d7 03 a2 72 ca .8...J.?Y.....r.
0020 - 9c 80 dc cc 07 af a8 02-ec 64 9c 75 21 95 ea 75 .........d.u!..u
0030 - 53 34 95 f0 2d 41 d1 0a-4f b5 24 79 fc 97 b9 5d S4..-A..O.$y...]
0040 - af 78 27 88 44 66 4f 4d-cc 82 8a 1c 09 04 3a fc .x'.DfOM......:.
0050 - 84 bc 9c 5d 22 c0 f6 a6-96 e8 fb d9 93 87 ee 78 ...]"..........x
0060 - ad 93 14 10 41 cc 2f 22-5a f4 ea 1d e4 fe 78 eb ....A./"Z.....x.
0070 - 30 36 f0 e9 20 86 fd ad-0a a4 1a cb 49 c4 d3 41 06.. .......I..A
0080 - 71 89 9b 0f 5c 92 ce a1-7e 34 17 97 cf e4 10 82 q...\...~4......
0090 - e9 dc c1 5d a8 21 a6 67-49 d4 14 04 31 68 c5 1b ...].!.gI...1h..
Start Time: 1547723067
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
Extended master secret: yes
---
Correct!
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAvmOkuifmMg6HL2YPIOjon6iWfbp7c3jx34YkYWqUH57SUdyJ
imZzeyGC0gtZPGujUSxiJSWI/oTqexh+cAMTSMlOJf7+BrJObArnxd9Y7YT2bRPQ
Ja6Lzb558YW3FZl87ORiO+rW4LCDCNd2lUvLE/GL2GWyuKN0K5iCd5TbtJzEkQTu
DSt2mcNn4rhAL+JFr56o4T6z8WWAW18BR6yGrMq7Q/kALHYW3OekePQAzL0VUYbW
JGTi65CxbCnzc/w4+mqQyvmzpWtMAzJTzAzQxNbkR2MBGySxDLrjg0LWN6sK7wNX
x0YVztz/zbIkPjfkU1jHS+9EbVNj+D1XFOJuaQIDAQABAoIBABagpxpM1aoLWfvD
KHcj10nqcoBc4oE11aFYQwik7xfW+24pRNuDE6SFthOar69jp5RlLwD1NhPx3iBl
J9nOM8OJ0VToum43UOS8YxF8WwhXriYGnc1sskbwpXOUDc9uX4+UESzH22P29ovd
d8WErY0gPxun8pbJLmxkAtWNhpMvfe0050vk9TL5wqbu9AlbssgTcCXkMQnPw9nC
YNN6DDP2lbcBrvgT9YCNL6C+ZKufD52yOQ9qOkwFTEQpjtF4uNtJom+asvlpmS8A
vLY9r60wYSvmZhNqBUrj7lyCtXMIu1kkd4w7F77k+DjHoAXyxcUp1DGL51sOmama
+TOWWgECgYEA8JtPxP0GRJ+IQkX262jM3dEIkza8ky5moIwUqYdsx0NxHgRRhORT
8c8hAuRBb2G82so8vUHk/fur85OEfc9TncnCY2crpoqsghifKLxrLgtT+qDpfZnx
SatLdt8GfQ85yA7hnWWJ2MxF3NaeSDm75Lsm+tBbAiyc9P2jGRNtMSkCgYEAypHd
HCctNi/FwjulhttFx/rHYKhLidZDFYeiE/v45bN4yFm8x7R/b0iE7KaszX+Exdvt
SghaTdcG0Knyw1bpJVyusavPzpaJMjdJ6tcFhVAbAjm7enCIvGCSx+X3l5SiWg0A
R57hJglezIiVjv3aGwHwvlZvtszK6zV6oXFAu0ECgYAbjo46T4hyP5tJi93V5HDi
Ttiek7xRVxUl+iU7rWkGAXFpMLFteQEsRr7PJ/lemmEY5eTDAFMLy9FL2m9oQWCg
R8VdwSk8r9FGLS+9aKcV5PI/WEKlwgXinB3OhYimtiG2Cg5JCqIZFHxD6MjEGOiu
L8ktHMPvodBwNsSBULpG0QKBgBAplTfC1HOnWiMGOU3KPwYWt0O6CdTkmJOmL8Ni
blh9elyZ9FsGxsgtRBXRsqXuz7wtsQAgLHxbdLq/ZJQ7YfzOKU4ZxEnabvXnvWkU
YOdjHdSOoKvDQNWu6ucyLRAWFuISeXw9a/9p7ftpxm0TSgyvmfLF2MIAEwyzRqaM
77pBAoGAMmjmIJdjp+Ez8duyn3ieo36yrttF5NSsJLAbxFpdlc1gvtGCWW+9Cq0b
dxviW8+TFVEBl1O4f7HVm6EpTscdDxU+bCXWkfjuRb7Dy9GOtt9JPsX8MBTakzh3
vBgsyi/sN3RqRBcGU40fOoZyfAMT8s1m/uYv52O6IgeuZ/ujbjY=
-----END RSA PRIVATE KEY-----
closed
CONNECTED(00000003)
depth=0 CN = localhost
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = localhost
verify return:1
---
Certificate chain
0 s:/CN=localhost
i:/CN=localhost
---
ssh -i sshkey.private.txt [email protected] -p 2220
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent