Lab 0⚓︎

约 1332 个字 42 行代码 12 张图片预计阅读时间 5 分钟

Prerequisite⚓︎

Challenge 1⚓︎

本人目前拥有 MacOS 和 Windows 电脑各一台，在 Linux 环境的选择上，我选择直接使用 WSL，选择了 Kali Linux 作为 WSL 的发行版。Mac 上本身是类 Unix 系统，最初我是打算用 moonlight + sunshine 来直接串流，若有需要使用 Linux 的地方，再从 Windows 中打开 WSL。但总感觉这样有点怪，后来依然配置了 ssh 来用 Mac 连接 WSL。

Task 1⚓︎

对于用法介绍的话，我介绍自然是没有别人已经整理好的清晰的，我就直接照搬 tldr 的了，然后下面来简单介绍四个命令。

ls

$ tldr ls

ls

List directory contents.
More information: https://www.gnu.org/software/coreutils/manual/html_node/ls-invocation.html.

- List files one per line:
    ls -1

- List all files, including hidden files:
    ls [-a|--all]

- List files with a trailing symbol to indicate file type (directory/, symbolic_link@, executable*, ...):
    ls [-F|--classify]

- List all files in [l]ong format (permissions, ownership, size, and modification date):
    ls [-la|-l --all]

- List files in [l]ong format with size displayed using human-readable units (KiB, MiB, GiB):
    ls [-lh|-l --human-readable]

- List files in [l]ong format, sorted by [S]ize (descending) recursively:
    ls [-lSR|-lS --recursive]

- List files in [l]ong format, sorted by [t]ime the file was modified and in reverse order (oldest first):
    ls [-ltr|-lt --reverse]

- Only list directories:
    ls [-d|--directory] */

cat

$ tldr cat

warning: 2 page(s) found for other platforms:
1. common (tldr --platform common cat)
2. linux  (tldr --platform linux cat)

cat

Print and concatenate files.
More information: https://keith.github.io/xcode-man-pages/cat.1.html.

Print the contents of a file to stdout:

    cat path/to/file

Concatenate several files into an output file:

    cat path/to/file1 path/to/file2 ... > path/to/output_file

Append several files to an output file:

    cat path/to/file1 path/to/file2 ... >> path/to/output_file

Copy the contents of a file into an output file without buffering:

    cat -u /dev/tty12 > /dev/tty13

Write stdin to a file:

    cat - > path/to/file

Number all output lines:

    cat -n path/to/file

Display non-printable and whitespace characters (with M- prefix if non-ASCII):

    cat -v -t -e path/to/file

chmod

$ tldr chmod

chmod

Change the access permissions of a file or directory.
More information: https://www.gnu.org/software/coreutils/manual/html_node/chmod-invocation.html.

- Give the [u]ser who owns a file the right to e[x]ecute it:
    chmod u+x path/to/file

- Give the [u]ser rights to [r]ead and [w]rite to a file/directory:
    chmod u+rw path/to/file_or_directory

- Remove e[x]ecutable rights from the [g]roup:
    chmod g-x path/to/file

- Give [a]ll users rights to [r]ead and e[x]ecute:
    chmod a+rx path/to/file

- Give [o]thers (not in the file owner's group) the same rights as the [g]roup:
    chmod o=g path/to/file

- Remove all rights from [o]thers:
    chmod o= path/to/file

- Change permissions recursively giving [g]roup and [o]thers the ability to [w]rite:
    chmod [-R|--recursive] g+w,o+w path/to/directory

- Recursively give [a]ll users [r]ead permissions to files and e[X]ecute permissions to sub-directories within a directory:
    chmod [-R|--recursive] a+rX path/to/directory

apt

$ tldr apt

apt

Package management utility for Debian based distributions.
Recommended replacement for apt-get when used interactively in Ubuntu versions 16.04 and later.
For equivalent commands in other package managers, see https://wiki.archlinux.org/title/Pacman/Rosetta.
More information: https://manned.org/apt.8.

- Update the list of available packages and versions (it's recommended to run this before other apt commands):
    sudo apt update

- Search for a given package (use apt search --name-only package to search within package name only):
    apt search package

- Show information for a package:
    apt show package

- Install a package, or update it to the latest available version:
    sudo apt install package

- Remove a package (using purge instead also removes its configuration files):
    sudo apt remove package

- Upgrade all installed packages to their newest available versions:
    sudo apt upgrade

- List all packages:
    apt list

- List installed packages:
    apt list [-i|--installed]


See also: apt-get

Task 2⚓︎

在配置的时候，主要参考了：wsl-ssh-guide。总体上应该已经介绍的比较完整了，但是在配置过程中仍然因为个人操作出现了一些问题。

首先是在设置端口的时候，我记得我改成了 2222 端口，但是在后来出现问题回来排查的时候，发现其实我忘记改端口了，幽默。

其次就是关于 WSL 的网络配置问题，在选择 ip 地址的时候，应当选择 Windows 本机的 ip 地址，但是我却用了 ifconfig 命令后 eth0 中的 inet 地址，导致连接不上。事实上，关于这一点，我本身也比较好奇关于 WSL 的网络配置是怎样的，为什么会出现多个不同的 ip 地址，打算之后研究一下。

Challenge 2⚓︎

Task 1⚓︎

该程序接收一个字符串，输出其长度，然后将字符串中的大写字母转为小写，小写字母转为大写，其他字符保持不变，并输出转换后的结果。

Task 2⚓︎

按照 hint 先装了 pwntools，我在 MacOS 和 Kali Linux 上都装了，其中在 Kali Linux 上安装的比较顺利，但是相对来说在 MacOS 上遇到了一点小问题，在这里简单做一下记录。

在 MacOS 上安装 pwntools 时，构建依赖发生了一些问题，经过查询后，应该是 arm 架构的问题，最后找到了这个 issues，成功解决了问题。

那么现在开始根据题目要求编写脚本~~（大模型辅助编写也是编写）~~，脚本为：

from pwn import *

HOST = '10.214.160.13'
PORT = 11002

r = remote(HOST, PORT)

welcome_message = r.recvuntil(b"================================================\n\n").decode()
print(welcome_message)

for i in range(10):
    try:
        problem_line = r.recvuntil(b'= ').decode().strip()
        print(f"Received problem: {problem_line}")

        if '\n' in problem_line:
            expression_text = problem_line.split('\n')[-1]
        else:
            expression_text = problem_line

        expression = expression_text.replace(' =', '').strip()
        answer = str(eval(expression))
        print(f"Calculated answer: {answer}")

        r.sendline(answer.encode())
        print("Answer sent.")

    except EOFError:
        print("Connection closed by server.")
        break
    except Exception as e:
        print(f"An error occurred: {e}")
        break

try:
    flag = r.recvall(timeout=5).decode()
    print("\nFlag:")
    print(flag)
except Exception as e:
    print(f"Error receiving flag: {e}")

r.close()