到vortex.labs.overthewire.org
的线路不怎么好,用nc建立TCP连接,总被RST
➜ ~ tshark -i en5 -f "host 178.79.134.250" [9:41:42]
Capturing on 'ZTE-Modem'
1 0.000000 10.17.101.0 -> 178.79.134.250 TCP 78 52822 → 5842 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=32 TSval=1383849501 TSecr=0 SACK_PERM=1
2 1.004711 10.17.101.0 -> 178.79.134.250 TCP 78 [TCP Retransmission] 52822 → 5842 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=32 TSval=1383850502 TSecr=0 SACK_PERM=1
3 2.008702 10.17.101.0 -> 178.79.134.250 TCP 78 [TCP Retransmission] 52822 → 5842 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=32 TSval=1383851502 TSecr=0 SACK_PERM=1
4 3.011012 10.17.101.0 -> 178.79.134.250 TCP 78 [TCP Retransmission] 52822 → 5842 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=32 TSval=1383852503 TSecr=0 SACK_PERM=1
5 4.013495 10.17.101.0 -> 178.79.134.250 TCP 78 [TCP Retransmission] 52822 → 5842 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=32 TSval=1383853504 TSecr=0 SACK_PERM=1
6 5.014702 10.17.101.0 -> 178.79.134.250 TCP 78 [TCP Retransmission] 52822 → 5842 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=32 TSval=1383854504 TSecr=0 SACK_PERM=1
7 7.016546 10.17.101.0 -> 178.79.134.250 TCP 78 [TCP Retransmission] 52822 → 5842 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=32 TSval=1383856504 TSecr=0 SACK_PERM=1
8 11.023500 10.17.101.0 -> 178.79.134.250 TCP 78 [TCP Retransmission] 52822 → 5842 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=32 TSval=1383860505 TSecr=0 SACK_PERM=1
9 13.769709 10.17.101.0 -> 178.79.134.250 TCP 67 65355 → 5842 [FIN, PSH, ACK] Seq=1 Ack=1 Win=4117 Len=1 TSval=1383863248 TSecr=1413241819
10 14.052945 178.79.134.250 -> 10.17.101.0 TCP 54 5842 → 65355 [RST] Seq=1 Win=0 Len=0
11 19.035214 10.17.101.0 -> 178.79.134.250 TCP 78 [TCP Retransmission] 52822 → 5842 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=32 TSval=1383868506 TSecr=0 SACK_PERM=1
12 35.067069 10.17.101.0 -> 178.79.134.250 TCP 78 [TCP Retransmission] 52822 → 5842 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=32 TSval=1383884506 TSecr=0 SACK_PERM=1
^C12 packets captured
用ipip查了一下
➜ ~ ipip vortex.labs.overthewire.org [9:40:52]
英国伦敦 linode.com
有时候又可以用
➜ ~ tshark -i en5 -f "host 178.79.134.250" [9:43:48]
Capturing on 'ZTE-Modem'
1 0.000000 10.17.101.0 -> 178.79.134.250 TCP 78 58061 → 5842 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=32 TSval=1384161168 TSecr=0 SACK_PERM=1
2 0.291368 178.79.134.250 -> 10.17.101.0 TCP 74 5842 → 58061 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=1413396489 TSecr=1384161168 WS=128
3 0.291489 10.17.101.0 -> 178.79.134.250 TCP 66 58061 → 5842 [ACK] Seq=1 Ack=1 Win=131744 Len=0 TSval=1384161459 TSecr=1413396489
4 0.564082 178.79.134.250 -> 10.17.101.0 TCP 70 5842 → 58061 [PSH, ACK] Seq=1 Ack=1 Win=29056 Len=4 TSval=1413396571 TSecr=1384161459
5 0.564181 10.17.101.0 -> 178.79.134.250 TCP 66 58061 → 5842 [ACK] Seq=1 Ack=5 Win=131744 Len=0 TSval=1384161730 TSecr=1413396571
6 0.841387 178.79.134.250 -> 10.17.101.0 TCP 78 5842 → 58061 [PSH, ACK] Seq=5 Ack=1 Win=29056 Len=12 TSval=1413396654 TSecr=1384161730
7 0.841450 10.17.101.0 -> 178.79.134.250 TCP 66 58061 → 5842 [ACK] Seq=1 Ack=17 Win=131744 Len=0 TSval=1384162006 TSecr=1413396654
8 0.841570 10.17.101.0 -> 178.79.134.250 TCP 70 58061 → 5842 [PSH, ACK] Seq=1 Ack=17 Win=131744 Len=4 TSval=1384162006 TSecr=1413396654
9 1.121482 178.79.134.250 -> 10.17.101.0 TCP 66 5842 → 58061 [ACK] Seq=17 Ack=5 Win=29056 Len=0 TSval=1413396738 TSecr=1384162006
10 1.121500 178.79.134.250 -> 10.17.101.0 TCP 103 5842 → 58061 [PSH, ACK] Seq=17 Ack=5 Win=29056 Len=37 TSval=1413396738 TSecr=1384162006
11 1.121505 178.79.134.250 -> 10.17.101.0 TCP 66 5842 → 58061 [FIN, ACK] Seq=54 Ack=5 Win=29056 Len=0 TSval=1413396738 TSecr=1384162006
12 1.121595 10.17.101.0 -> 178.79.134.250 TCP 66 58061 → 5842 [ACK] Seq=5 Ack=54 Win=131712 Len=0 TSval=1384162285 TSecr=1413396738
13 1.121632 10.17.101.0 -> 178.79.134.250 TCP 66 58061 → 5842 [ACK] Seq=5 Ack=55 Win=131712 Len=0 TSval=1384162285 TSecr=1413396738
14 1.121998 10.17.101.0 -> 178.79.134.250 TCP 66 58061 → 5842 [FIN, ACK] Seq=5 Ack=55 Win=131712 Len=0 TSval=1384162285 TSecr=1413396738
15 1.401452 178.79.134.250 -> 10.17.101.0 TCP 66 5842 → 58061 [ACK] Seq=55 Ack=6 Win=29056 Len=0 TSval=1413396822 TSecr=1384162285
^C15 packets captured
最后按照大神的.py脚本,第0关终于搞定
➜ Vortex git:(master) python level0.py [9:43:51]
** INTERACT **
Username: vortex1 Password: Gq#qu3bF3*** Connection closed by remote host ***