문제 목표!
There are 2 files in the homedirectory: passwords.old and passwords.new. The password for the next level is in passwords.new and is the only line that has been changed between passwords.old and passwords.new
NOTE: if you have solved this level and see ‘Byebye!’ when trying to log into bandit18, this is related to the next level, bandit19
홈 디렉토리에는 두 개의 파일이 있습니다.
passwords.old와 passwords.new인데요! 비밀번호는 passwords.new에
존재하고 passwords.old에서 변경된 한 줄이라고 하네욧!
일단 홈 디렉토리로 가서 상황을 보겠습니다.
bandit17@bandit:~$ ls
passwords.new passwords.old두 개의 파일이 존재하네요!
각각 cat 명령어를 사용하여 읽어볼까요??
bandit17@bandit:~$ cat passwords.old
BTrrmkKVXra01wWzxqzFmAMY9CbPXRlc
zxYJ8Detw68SBZluYcJzAkEwrwPB1uCh
J1mJLnxroUUJC5YEtfHVPq6LXxkWTbsF
oSRyw7ANImF3fjwvjAnKqcJgL37Eltmf
efslUmsn2iMnYngpaChSBe7JGgrdl1SJ
cWqaMSNyS06Ls5p5FL6xWBiafm1WR4js
jtFnBY4XzzHQVjT4NYwBZka2fRuNB40z
wyuE9cNn7ruxWvJx39lzJsiakMVoiaAL
viWro0rDldjuIhMbtuYqwpuEq11KQ1Dk
GSJ2XOnI3OW6Kz3Bcu8jEWPldxxZYtwV
Y9L7A4xLtKse8Qsv4cVOnkuxcJlTMnwx
QsXRjG6uAMGD4UaxOX9dNjW9ZBIARt0b
8z2wzuSn0FSW3Kd43n0rX574g8aIhpeP
bIsJ24EaCpslmVSk8PYRQ6I3JzE24CU2
BL96qzomBra296hGG95IL2EJVHhtCxnR
sBJvUThUpq58L5MfP3xBtqAg07iqxFNo
breOHXDOaU6pSVtwtnqoDvB0eBHIzQNz
Hyri3fE6PElDCAzxXmYjcIYPDm1GQq1N
nPMnwp6BWPZwFMXYRIYr0sYyeoRX7OkB
fGD6FhO55K1tlaqzivxmlv2TxKuouCQ9
VYsYVJYhPIrMvPhR947eEyFDAUcC8qAY
X96s0ctaz9jKBbBZXEVZjCRg71RPi30o
Hm7YpVTbNYnax2JNH7t0wpeNtmZaur66
JU8pvHxM7hpNA4xf9fGN8zGczvciZ4rF
PCe8KFcLPad79DRPjh1oR3MOzOeCkWHZ
hAsIkoS2h0kaFPOreW6va8zuGE7FfaeG
3HkS70idKGkDaSdiZKxsEJfNwN6bB44C
4IomZJlt4oZVdUMe3P709ibJMMGgKVVa
o3SVmlinHtOGkYx2OUcMdWNFpcnfR9GI
A6mgj41YOCD6Ln5duYzGskRPX7BNGdWP
Wio8CxULxerO0mVK9XqS7CzPEqhvkVTI
RBteFXN1lcmtjaHlf9MQBd2Tw6COnxnl
6WFx7rBYDHS0cbtC6I3SgFC48Mus97gT
cUCapF3fmt1xWL1KYOcE2hHcHR9acLWK
OtnNexZjXd8SOY2c9PJonN8Kt9r1YacT
9TuAz9N69hhOF0mJvkwZ62jwDZhSMYdX
jHUGSWtCiBmW3EhB83uHvqSdCSPzLoSp
NUahNZOPpVYgBeA3sxTSloUHCCNbmIcE
Udq1Zw8oOdLjcLZSoWFb3XVsLVr2J7e7
fwJjyJfLsqI7eA3q1pmW0WjptEJPyjVj
9jbIrrT9OlPADZDBfF1UOoz4lhboOnsT
ktfgBvpMzWKR5ENj26IbLGSblgUG9CzB
dX464MV2LHPWYN9RDa7AnVBqsxjl1zui
GOTGHQIZKu2qwhUTibu5PQaMEMWvoUDR
t7szZtdGClutCs1g4uWKN5I1oV3cnA0c
UjvLtH0PwVCMVKin557N52aHiyl0kYq1
nlgqcBzlhJ2VviwtRrQ5uWchvklbT4pP
7e9nLN3c67bDY2xu3WyJHEwV7nYdvGPE
ExgTqIHbr2ns16kLsqyajBZkjMQLTViV
G9cfTflYTtWolu6icsXkQub5CVDZUthf
z2EA6BCZxLAQfYjWeAEkY1KiO2govaZb
denuyi6K0zLwrBJ7bhK6HBcEWx5Q3pZU
DTQZOhhW6BAOv8xsl7cNJWrE3xUpyVuZ
PzkdBqvSfbrXDccTZoOTMvPv3g62uht2
qsCnO2xNgscH1kEPY0x9bbWW4wqhuKun
BXeAlHizeskRwL8DBU1pkuRNf8YQs1fy
JbjSP4bawPjhVblhIKvYsa6DSrQ0K8Pa
mLN3ZguwRodFz1ff9212diaWRG38JmP8
VEvQa0rdLpnWuXdBizNHDHOoNBUOji2v
H7pLihoyQyokYMNsblaQRZDSbJOeUN1M
zSLn2YysyQ72CxOmuLxOjSDob3z5rfhw
7lAgyTUFK10KM4bddgRRw56IJmTSHGkJ
kWLg9LHTHWvwyHVchjfjvsl56NKyL6lj
GFHzOC2d1AFDbuX4CN1ENUOtIgyDIKJt
1Gx2ud8nXUZOTv7xmJUeRj13y4rLyya6
B6SjgQEqvhiocLV1yvM0pjX7IdlsiCH5
3P7gn1Bc6XZUK6ztLfnGWcbeG7YHiHiI
nFec0Ku80ZdvtGCxoPB5cttTESXpKQnQ
1jhfUAWYdazPlD4SP5YVWKeiw0wOq5Ri
WNfLXhuLdvvSr7ZLevsEr4cO3NvPG490
BJFMpf1KbAs8EyqOkarPvKemHRV8tZEh
c0ym4wfyWFBJDpf5GijAdD9ztGOxNlhV
Ch6fjISjwwgUp1TbZTYuXGNTA8FLdYrv
KUMiMhP2oU7vgY9TX4YEne7rbX8yFUZn
tI64dQ5Tk7UNjE2D6nG9BplQFogtmCGO
WfPpHSJPVR0bbanzbX1CnjuIex4K10D6
JINaeqrYEhqrzxMCvGbmofyb36GNfFiC
4tgIAcfwRpPJSlaOWU3rDPn8yMG077hI
1nRRyyOmXFR6ArHTKwuoQ92qoSc4VdQT
Rl0ov5T2JPrTTgk56ogS1GTMwQ0vmoiE
94X0gWlDT3wuXeB6v86U7kiHWOsVtiQt
fRj0kPfYCkK8qEkpQp7aChL3BbyikcuF
rudgpHLFpYtWFHhFjmtNtUZLT9F1tGqn
osVZo4VuRGRZ94Op1IpcLub1ljo5Scig
pX8Knc9zUufKCuAWt0xrQ0lBXccURT9y
SszksMS8Rgtsn0bwFmuEeIQVBQakwmdB
BXwQooIJThMQlgLCcvI1MVRXeqogZvbT
eJyAXFSdnbnPlhCAPmNFQkiZ0KCxetCz
HWYjo80dF1HCZlVm8KSfyIjjhWxkPGBl
GBO5mHleMNnEUxbxEMyt9exwDUbPbOH4
YqjE5WimoXL4xfXCZfSdwUS3u5azCZ3s
751nXWjzPrlYjehtBSRAxQQ72QUM3XLF
MgrEjWdEmIzbjOsWrr5CPzGUCkEDzozZ
of7XKBKAukCSlCkTaGSXmaRipODqq5Dm
ybshx1FNxqzADl7bpkm5gttCFtUy1zJX
MWUhEo0IaOxdHaHdwHlAA9Uc5XnCnitH
REUKNmW9j1fmX8hhoq3UmGwOX0uazs0L
IL4T25H4ZPoByaPzGTofsozMg03BvjI4
MSmRC2afxQDbU8F3eJuSQiXfxJRMN3oH
Q7k1gkA8CAmEqwMOMWtzAXxXTSjK1omjbandit17@bandit:~$ cat passwords.new
BTrrmkKVXra01wWzxqzFmAMY9CbPXRlc
zxYJ8Detw68SBZluYcJzAkEwrwPB1uCh
J1mJLnxroUUJC5YEtfHVPq6LXxkWTbsF
oSRyw7ANImF3fjwvjAnKqcJgL37Eltmf
efslUmsn2iMnYngpaChSBe7JGgrdl1SJ
cWqaMSNyS06Ls5p5FL6xWBiafm1WR4js
jtFnBY4XzzHQVjT4NYwBZka2fRuNB40z
wyuE9cNn7ruxWvJx39lzJsiakMVoiaAL
viWro0rDldjuIhMbtuYqwpuEq11KQ1Dk
GSJ2XOnI3OW6Kz3Bcu8jEWPldxxZYtwV
Y9L7A4xLtKse8Qsv4cVOnkuxcJlTMnwx
QsXRjG6uAMGD4UaxOX9dNjW9ZBIARt0b
8z2wzuSn0FSW3Kd43n0rX574g8aIhpeP
bIsJ24EaCpslmVSk8PYRQ6I3JzE24CU2
BL96qzomBra296hGG95IL2EJVHhtCxnR
sBJvUThUpq58L5MfP3xBtqAg07iqxFNo
breOHXDOaU6pSVtwtnqoDvB0eBHIzQNz
Hyri3fE6PElDCAzxXmYjcIYPDm1GQq1N
nPMnwp6BWPZwFMXYRIYr0sYyeoRX7OkB
fGD6FhO55K1tlaqzivxmlv2TxKuouCQ9
VYsYVJYhPIrMvPhR947eEyFDAUcC8qAY
X96s0ctaz9jKBbBZXEVZjCRg71RPi30o
Hm7YpVTbNYnax2JNH7t0wpeNtmZaur66
JU8pvHxM7hpNA4xf9fGN8zGczvciZ4rF
PCe8KFcLPad79DRPjh1oR3MOzOeCkWHZ
hAsIkoS2h0kaFPOreW6va8zuGE7FfaeG
3HkS70idKGkDaSdiZKxsEJfNwN6bB44C
4IomZJlt4oZVdUMe3P709ibJMMGgKVVa
o3SVmlinHtOGkYx2OUcMdWNFpcnfR9GI
A6mgj41YOCD6Ln5duYzGskRPX7BNGdWP
Wio8CxULxerO0mVK9XqS7CzPEqhvkVTI
RBteFXN1lcmtjaHlf9MQBd2Tw6COnxnl
6WFx7rBYDHS0cbtC6I3SgFC48Mus97gT
cUCapF3fmt1xWL1KYOcE2hHcHR9acLWK
OtnNexZjXd8SOY2c9PJonN8Kt9r1YacT
9TuAz9N69hhOF0mJvkwZ62jwDZhSMYdX
jHUGSWtCiBmW3EhB83uHvqSdCSPzLoSp
NUahNZOPpVYgBeA3sxTSloUHCCNbmIcE
Udq1Zw8oOdLjcLZSoWFb3XVsLVr2J7e7
fwJjyJfLsqI7eA3q1pmW0WjptEJPyjVj
9jbIrrT9OlPADZDBfF1UOoz4lhboOnsT
x2gLTTjFwMOhQ8oWNbMN362QKxfRqGlO
dX464MV2LHPWYN9RDa7AnVBqsxjl1zui
GOTGHQIZKu2qwhUTibu5PQaMEMWvoUDR
t7szZtdGClutCs1g4uWKN5I1oV3cnA0c
UjvLtH0PwVCMVKin557N52aHiyl0kYq1
nlgqcBzlhJ2VviwtRrQ5uWchvklbT4pP
7e9nLN3c67bDY2xu3WyJHEwV7nYdvGPE
ExgTqIHbr2ns16kLsqyajBZkjMQLTViV
G9cfTflYTtWolu6icsXkQub5CVDZUthf
z2EA6BCZxLAQfYjWeAEkY1KiO2govaZb
denuyi6K0zLwrBJ7bhK6HBcEWx5Q3pZU
DTQZOhhW6BAOv8xsl7cNJWrE3xUpyVuZ
PzkdBqvSfbrXDccTZoOTMvPv3g62uht2
qsCnO2xNgscH1kEPY0x9bbWW4wqhuKun
BXeAlHizeskRwL8DBU1pkuRNf8YQs1fy
JbjSP4bawPjhVblhIKvYsa6DSrQ0K8Pa
mLN3ZguwRodFz1ff9212diaWRG38JmP8
VEvQa0rdLpnWuXdBizNHDHOoNBUOji2v
H7pLihoyQyokYMNsblaQRZDSbJOeUN1M
zSLn2YysyQ72CxOmuLxOjSDob3z5rfhw
7lAgyTUFK10KM4bddgRRw56IJmTSHGkJ
kWLg9LHTHWvwyHVchjfjvsl56NKyL6lj
GFHzOC2d1AFDbuX4CN1ENUOtIgyDIKJt
1Gx2ud8nXUZOTv7xmJUeRj13y4rLyya6
B6SjgQEqvhiocLV1yvM0pjX7IdlsiCH5
3P7gn1Bc6XZUK6ztLfnGWcbeG7YHiHiI
nFec0Ku80ZdvtGCxoPB5cttTESXpKQnQ
1jhfUAWYdazPlD4SP5YVWKeiw0wOq5Ri
WNfLXhuLdvvSr7ZLevsEr4cO3NvPG490
BJFMpf1KbAs8EyqOkarPvKemHRV8tZEh
c0ym4wfyWFBJDpf5GijAdD9ztGOxNlhV
Ch6fjISjwwgUp1TbZTYuXGNTA8FLdYrv
KUMiMhP2oU7vgY9TX4YEne7rbX8yFUZn
tI64dQ5Tk7UNjE2D6nG9BplQFogtmCGO
WfPpHSJPVR0bbanzbX1CnjuIex4K10D6
JINaeqrYEhqrzxMCvGbmofyb36GNfFiC
4tgIAcfwRpPJSlaOWU3rDPn8yMG077hI
1nRRyyOmXFR6ArHTKwuoQ92qoSc4VdQT
Rl0ov5T2JPrTTgk56ogS1GTMwQ0vmoiE
94X0gWlDT3wuXeB6v86U7kiHWOsVtiQt
fRj0kPfYCkK8qEkpQp7aChL3BbyikcuF
rudgpHLFpYtWFHhFjmtNtUZLT9F1tGqn
osVZo4VuRGRZ94Op1IpcLub1ljo5Scig
pX8Knc9zUufKCuAWt0xrQ0lBXccURT9y
SszksMS8Rgtsn0bwFmuEeIQVBQakwmdB
BXwQooIJThMQlgLCcvI1MVRXeqogZvbT
eJyAXFSdnbnPlhCAPmNFQkiZ0KCxetCz
HWYjo80dF1HCZlVm8KSfyIjjhWxkPGBl
GBO5mHleMNnEUxbxEMyt9exwDUbPbOH4
YqjE5WimoXL4xfXCZfSdwUS3u5azCZ3s
751nXWjzPrlYjehtBSRAxQQ72QUM3XLF
MgrEjWdEmIzbjOsWrr5CPzGUCkEDzozZ
of7XKBKAukCSlCkTaGSXmaRipODqq5Dm
ybshx1FNxqzADl7bpkm5gttCFtUy1zJX
MWUhEo0IaOxdHaHdwHlAA9Uc5XnCnitH
REUKNmW9j1fmX8hhoq3UmGwOX0uazs0L
IL4T25H4ZPoByaPzGTofsozMg03BvjI4
MSmRC2afxQDbU8F3eJuSQiXfxJRMN3oH
Q7k1gkA8CAmEqwMOMWtzAXxXTSjK1omj엄청난 양의 문장이 나오네요..
물론 하나씩 비교하면 답을 찾을 순 있겠지만, 문제에서 그걸 원하지는 않겠지요?
한번 풀어보자구요!!
문제 풀이!
이 문제는 비교적 간단합니다.
diff 명령어만 알고 있으면 쉽게 풀리지요.
📌 diff 명령어
diff는 두 파일을 비교해서 어떤 부분이 다른지 보여주는 명령어입니다.
파일이 아무리 크더라도 바뀐 부분만 출력해 주기에
쉽게 비교할 수 있지요!
'diff [파일1] [파일2]' 로 사용합니다 :)
이제 이 명령어를 이용하여 password 파일을 비교해 보겠습니다.
bandit17@bandit:~$ diff passwords.old passwords.new
42c42
< ktfgBvpMzWKR5ENj26IbLGSblgUG9CzB
---
> x2gLTTjFwMOhQ8oWNbMN362QKxfRqGlO위와 같은 결과가 나왔는데요!
하나 하나 해석해 보겠습니다.
✅ 42c42
42번째 줄의 값이 변경 되었다는 뜻
✅ < ktfgBvpMzWKR5ENj26IbLGSblgUG9CzB
이전 파일(passwords.old)에 있는 내용
✅ > x2gLTTjFwMOhQ8oWNbMN362QKxfRqGlO
새로운 파일(passwords.new)에 있는 내용
여기서 u 옵션을 지정하면 조금더 가독성이 좋게 볼 수 있답니다.
-, +기호로 조금 더 쉽게 비교할 수 있겠지요??
bandit17@bandit:~$ diff -u passwords.old passwords.new
--- passwords.old 2024-09-19 07:08:22.603693566 +0000
+++ passwords.new 2024-09-19 07:08:22.608693607 +0000
@@ -39,7 +39,7 @@
Udq1Zw8oOdLjcLZSoWFb3XVsLVr2J7e7
fwJjyJfLsqI7eA3q1pmW0WjptEJPyjVj
9jbIrrT9OlPADZDBfF1UOoz4lhboOnsT
-ktfgBvpMzWKR5ENj26IbLGSblgUG9CzB
+x2gLTTjFwMOhQ8oWNbMN362QKxfRqGlO
dX464MV2LHPWYN9RDa7AnVBqsxjl1zui
GOTGHQIZKu2qwhUTibu5PQaMEMWvoUDR
t7szZtdGClutCs1g4uWKN5I1oV3cnA0c
모의해킹 & 보안 공부 기록 블로그