Level Goal

A daemon is listening on port 30002 and will give you the password for bandit25 if given the password for bandit24 and a secret numeric 4-digit pincode. There is no way to retrieve the pincode except by going through all of the 10000 combinations, called brute-forcing.

Solution

for this level i wrote the following bash script that will try to bruteforce the daemon running on port 30002.

it will create all 10000 4-digit pincode combinations, concatenate it with the password for user bandit24 and write the results to password.bruteforce file, supply those lines to the standard input of the daemon running on port 3000, redirect the standard output of the nc(1) command to the file brute.dump and then get the unique lines out of the file brute.dump.

great!, we got the password for the next level!.