New Questions in Module B of Secondary Vocational Network Security Competition

Environment private message blogger

Competition group: 421865857

Trojan information acquisition

Task environment description:

1. Download 0077.pcap from the FTP of the target server, analyze the file, find out the protocol used by hackers, and submit the protocol name.
2. Analyze the file, find out the zip archive file obtained by hackers, and submit the archive file name.
3. Analyze the file, find out the sensitive files obtained by hackers, and submit the file name of the sensitive file
4. Analyze the file, find out the sensitive file obtained by hackers, and submit the time when the sensitive file was leaked.
5. Analyze the file, find out the sensitive file obtained by hackers, and submit the name of the leaked folder in the sensitive file.

Weak password blasting

1. Download 0064.py from the FTP of the target server, edit the Python program, make the program implement weak password blasting, and fill in the vacant F1 string in the file, generate a password list

2. Edit the Python program 0064.py to make the program implement weak password blasting, fill in the vacant F2 string in the file, and fill in the connected host;

3. Edit the Python program 0064.py to make the program implement weak password blasting, fill in the vacant F3 string in the file, and fill in the connection password;

4. Edit the Python program 0064.py to make the program implement weak password blasting, fill in the vacant F4 string in the file, and write out the processing logic for connection failure

/span>

5. Edit the Python program 0064.py to make the program implement weak password blasting, fill in the vacant F5 string in the file, and write the processing logic for successful connection;

6. Edit the Python program 0064.py to make the program implement weak password blasting, fill in the vacant F6 string in the file, and write the value of the judgment result.Know if the blasting is successful;

Encoding information acquisition

1. Download 0078.pcap from the FTP of the target server, analyze the file, find out the area to which the key information belongs, and submit the area name as Flag.
2. Analyze the file, find out key information, and submit the effective packet length as a Flag.
3. Analyze the file, find out the key information, and submit the key part of the fifth valid information as a hexadecimal value as Flag
4. Analyze the file, find out the key information, and submit the key part of the tenth valid information as a hexadecimal value as Flag
5. Analyze the file, find out key information, and submit the found Flag values.

redisUnauthorized accessp>

1.Download 0062.py from the FTP of the target server, edit the Python program, and make the program based onThe socket's redis is not authorized to identify, fill in the vacant F1 string in the file, and generate a socket object

2. Edit the Python program 0062.py to enable the program to implement socket-based redis unauthorized identification, fill in the vacant F2 string in the file, and connect to the target machine;

3. Edit the Python program 0062.py to enable the program to implement socket-based redis unauthorized identification, fill in the vacant F3 string in the file, and send the data;

/span>

4. Edit the Python program 0062.py to enable the program to implement socket-based redis unauthorized identification, fill in the vacant F4 string in the file, and receive data