Posts

Posted on

2022-12-12:找机票

着急的一天,毕竟要来,机票是躲不掉的,如果连飞机都没有,那就没法来了。

我找了一天,没找到……

Nhung倒是找到了河内->广州的机票,4000元,不贵,但不知道是不是真的。

Posted on

2021-12-11:一线“生机”

又要过年了……实在是不甘心这样年复一年。

最近听Nhung说,在Facebook上有人说能来中国,帮忙办理相关手续,大概需要7000元。我们还是想再尝试下,毕竟,上次尝试,已经是半年前了……

同时,在Nhung寻求外界帮助的时候,我也不能干坐着,便开始了解当前M护照的办理途径。还好,有一些当地关系,打听到了一些路子,似乎却是是有机会的。这让我们心底生出一股子希望来。

不过,需要的条件可以说是苛刻,而且需要借助外力……

受够了等待的我们,这次要主动出击!

中国这边,我尝试晚上联系了一个办理PU的人:

  • PU是邀请函,因为疫情,所以需要PU来帮助申请工作签证
  • 工作签证材料
    • 工作签证 准备资料(年龄24-60岁)
      • 1、护照
      • 2、白底两寸照片6张
      • 3、无犯罪证明(须使馆认证)
      • 4、学历证书(学士学位或以上,毕业2年以上)学历认证(公正学历并到中国使馆认证)
      • 5、毕业后工作经历证明,(中国以外两年以上)
      • 6、体检
      • 7、简历(从高中开始至今)
      • 8、护照有效期大于1年,不能有破损或污渍
    • 公司准备
      • 营业执照副本照片及复印件盖公章,公司座机。法人身份证照片,负责人身份证照片及手机和邮箱,聘用合同
  • PU办理
    • 1、去当地中国驻XXX国家大使馆咨询,我要来华商务合作项目,需要办签证,需要什么材料。
    • 2、去当地公安机关开无犯罪记录证明
    • 3、  材料如下
    • PU邀请函所需材料:护照首页和中国签证页、无犯罪记录证明原件、2寸白底照片电子版
    • 办理时长:15天-30个工作日
    • 要求:先提供扫描件(无犯罪记录证明+认证、新冠保险至少三个月),后发无犯罪记录证明原件
  • 目前办理比较难,报价:8800(成功办理),800(办理失败)
  • 估计要在明年3月举办完冬奥会会放松一些国门

Nhung找到的越南人办理

  • 整体办下来7000元,需要2500元定金,如果失败,全额退款
  • 说是能有帮忙准备机票,3000元+(机票有点便宜,这个地方反而让人怀疑🤨)
  • 能帮忙一起办理结婚用的单身证明
  • 大使馆里有关系,PU办理检查的时候很容易(是吗?)
  • 好像就是来给越南女孩子找中国老公的
  • 有拉一个越南女孩的群,目前群里5个人,聊得比较热闹
  • 如果顺利办下来,那么会在农历新年后,预估3月份能来中国
  • 如果来了中国,可以和PU上的行程不一样,但是隔离需要拍照给他们
  • 如果工作签证快要到期了,提前去上海(他们公司所在地),办理签证延期(9个月?),之后还能再办一次
  • 我们当下感觉起来比较真,想要尝试
Posted on

十一月的里程碑

这么快我们已经相识一年,相爱也满一年了。聚少离多的日子,我们实在是有些无法忍受。十一月的机票、住宿,我已经都安排好,到时候,我将带着支持我们爱情的父母来见面,安排下我们明年的婚期。这样细细想来,我也是一个快要结婚的人儿了呢。

五月我离开了阿里,六月来岘港和你度过了快乐的半个月。因为太快乐,太开心,每一分每一秒都显得那样的弥足珍贵,以至于都没有时间多拍些照片,写下只言片语来讲述我们的第一次旅行——大叻。

想到这里我就愈发得开心,谁又能想到一年前,我还是在歌声中听到大叻,听说你想去看看。一年之后,我们竟一起坐飞机去玩了一个星期。

大叻是冷飕飕的,一点儿也不像我心中的越南。那儿有些干冷,但是市中心有一个湖;每天下午三点准时下雨,一会儿就停;整个地区没有一个信号灯,人们穿梭其中,危险又神奇……亲爱的,这是我们第一次旅行啊,多美妙的一件事!

我们还是有一些小小的争吵,但是我们一点儿也不担心谁会离开谁。当然,我们也从来没有把这一点当作肆无忌惮的理由。看到那些异地恋的人儿最终分离,我内心一些些波澜都没有。因为我知道,好的人总能遇上好的人,对的人终究是对的人,他们只是不合适,我们却是真心地知道对方好,努力去爱,用尽气力去爱。

我不知道一天当中我们有多少次想到对方,就像我不知道天上有多少繁星在闪烁。但是我知道你知道,你知道我知道,爱,在一天天累积,不曾减少。

未来有你有我的日子,一定是美好的,因为我们相爱,所以我们坚信;因为我们坚信,所以我们看见。

Posted on

Bandit Level 32 → Level 33

After all this git stuff its time for another escape. Good luck!

解密

>>> $0
$ whoami
bandit33
$ cat /etc/bandit_pass/bandit33
c9c3199ddf4121b10cf581a98d51caee

知识点

  1. 作为脚本的第一个参数,都是当前执行文件名称,这里使用$0相当于执行了sh(看开头是一个$可以得出是sh而非bash);
  2. whoami发现是bandit33,那么直接看密码就行了;
Posted on

Bandit Level 31 → Level 32

解密

bandit31@bandit:~$ mktemp -d
/tmp/tmp.UHFbV1v7DX
bandit31@bandit:~$ cd /tmp/tmp.UHFbV1v7DX
bandit31@bandit:/tmp/tmp.UHFbV1v7DX$ git clone ssh://bandit31-git@localhost/home/bandit31-git/repo
Cloning into 'repo'...
Could not create directory '/home/bandit31/.ssh'.
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:98UL0ZWr85496EtCRkKlo20X3OPnyPSB5tB5RPbhczc.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/bandit31/.ssh/known_hosts).
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames

bandit31-git@localhost's password:
remote: Counting objects: 4, done.
remote: Compressing objects: 100% (3/3), done.
remote: Total 4 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (4/4), done.
bandit31@bandit:/tmp/tmp.UHFbV1v7DX$ cd repo/
bandit31@bandit:/tmp/tmp.UHFbV1v7DX/repo$ ls
README.md
bandit31@bandit:/tmp/tmp.UHFbV1v7DX/repo$ cat README.md
This time your task is to push a file to the remote repository.

Details:
    File name: key.txt
    Content: 'May I come in?'
    Branch: master

bandit31@bandit:/tmp/tmp.UHFbV1v7DX/repo$ echo 'May I come in?' > key.txt
bandit31@bandit:/tmp/tmp.UHFbV1v7DX/repo$ git add -A
bandit31@bandit:/tmp/tmp.UHFbV1v7DX/repo$ git status
On branch master
Your branch is up-to-date with 'origin/master'.
nothing to commit, working tree clean
bandit31@bandit:/tmp/tmp.UHFbV1v7DX/repo$ cat .gitignore
*.txt
bandit31@bandit:/tmp/tmp.UHFbV1v7DX/repo$ :>.gitignore
bandit31@bandit:/tmp/tmp.UHFbV1v7DX/repo$ git status
On branch master
Your branch is up-to-date with 'origin/master'.
Changes not staged for commit:
  (use "git add <file>..." to update what will be committed)
  (use "git checkout -- <file>..." to discard changes in working directory)

        modified:   .gitignore

Untracked files:
  (use "git add <file>..." to include in what will be committed)

        key.txt

no changes added to commit (use "git add" and/or "git commit -a")
bandit31@bandit:/tmp/tmp.UHFbV1v7DX/repo$ git add -A
bandit31@bandit:/tmp/tmp.UHFbV1v7DX/repo$ git commit -m 'Try to resolve it.'
[master e515574] Try to resolve it.
 2 files changed, 1 insertion(+), 1 deletion(-)
 create mode 100644 key.txt
bandit31@bandit:/tmp/tmp.UHFbV1v7DX/repo$ git push
Could not create directory '/home/bandit31/.ssh'.
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:98UL0ZWr85496EtCRkKlo20X3OPnyPSB5tB5RPbhczc.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/bandit31/.ssh/known_hosts).
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames

bandit31-git@localhost's password:
Counting objects: 4, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (4/4), 339 bytes | 0 bytes/s, done.
Total 4 (delta 0), reused 0 (delta 0)
remote: ### Attempting to validate files... ####
remote:
remote: .oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.
remote:
remote: Well done! Here is the password for the next level:
remote: 56a9bf19c63d650ce78e6ec0354ee45e
remote:
remote: .oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.
remote:
To ssh://localhost/home/bandit31-git/repo
 ! [remote rejected] master -> master (pre-receive hook declined)
error: failed to push some refs to 'ssh://bandit31-git@localhost/home/bandit31-git/repo'

知识点

  1. git工具使用add将所有工作区改动存储到暂存区;
  2. commit命令将暂存区内容存储到索引区;
  3. push命令将本地差异内容提交到远端;
  4. 这里有一个.gitignore文件,用于正则匹配不被git察觉到文件;
Posted on

Bandit Level 30 → Level 31

There is a git repository at ssh://bandit30-git@localhost/home/bandit30-git/repo. The password for the user bandit30-git is the same as for the user bandit30.

Clone the repository and find the password for the next level.

解密

bandit30@bandit:~$ mktemp -d
/tmp/tmp.UkNUXze0ar
bandit30@bandit:~$ cd /tmp/tmp.UkNUXze0ar
bandit30@bandit:/tmp/tmp.UkNUXze0ar$ git clone ssh://bandit30-git@localhost/home/bandit30-git/repo
Cloning into 'repo'...
Could not create directory '/home/bandit30/.ssh'.
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:98UL0ZWr85496EtCRkKlo20X3OPnyPSB5tB5RPbhczc.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/bandit30/.ssh/known_hosts).
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames

bandit30-git@localhost's password:
remote: Counting objects: 4, done.
remote: Total 4 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (4/4), done.
bandit30@bandit:/tmp/tmp.UkNUXze0ar$ cd repo/
bandit30@bandit:/tmp/tmp.UkNUXze0ar/repo$ ls
README.md
bandit30@bandit:/tmp/tmp.UkNUXze0ar/repo$ git tag
secret
bandit30@bandit:/tmp/tmp.UkNUXze0ar/repo$ git show secret
47e603bb428404d265f59c42920d81e5

知识点

  1. git tag
Posted on

Bandit Level 29 → Level 30

There is a git repository at ssh://bandit29-git@localhost/home/bandit29-git/repo. The password for the user bandit29-git is the same as for the user bandit29.

Clone the repository and find the password for the next level.

解密

bandit29@bandit:~$ mktemp -d
/tmp/tmp.5vEfTyPY8r
bandit29@bandit:~$ cd /tmp/tmp.5vEfTyPY8r
bandit29@bandit:/tmp/tmp.5vEfTyPY8r$ git clone ssh://bandit29-git@localhost/home/bandit29-git/repo
Cloning into 'repo'...
Could not create directory '/home/bandit29/.ssh'.
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:98UL0ZWr85496EtCRkKlo20X3OPnyPSB5tB5RPbhczc.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/bandit29/.ssh/known_hosts).
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames

bandit29-git@localhost's password:
remote: Counting objects: 16, done.
remote: Compressing objects: 100% (11/11), done.
remote: Total 16 (delta 2), reused 0 (delta 0)
Receiving objects: 100% (16/16), done.
Resolving deltas: 100% (2/2), done.
bandit29@bandit:/tmp/tmp.5vEfTyPY8r$ cd repo/
bandit29@bandit:/tmp/tmp.5vEfTyPY8r/repo$ git log
commit 84abedc104bbc0c65cb9eb74eb1d3057753e70f8
Author: Ben Dover <noone@overthewire.org>
Date:   Tue Oct 16 14:00:41 2018 +0200

    fix username

commit 9b19e7d8c1aadf4edcc5b15ba8107329ad6c5650
Author: Ben Dover <noone@overthewire.org>
Date:   Tue Oct 16 14:00:41 2018 +0200

    initial commit of README.md
bandit29@bandit:/tmp/tmp.5vEfTyPY8r/repo$ git tag
bandit29@bandit:/tmp/tmp.5vEfTyPY8r/repo$ git branch
* master
bandit29@bandit:/tmp/tmp.5vEfTyPY8r/repo$ git branch -r
  origin/HEAD -> origin/master
  origin/dev
  origin/master
  origin/sploits-dev
bandit29@bandit:/tmp/tmp.5vEfTyPY8r/repo$ git checkout dev
Branch dev set up to track remote branch dev from origin.
Switched to a new branch 'dev'
bandit29@bandit:/tmp/tmp.5vEfTyPY8r/repo$ git log
commit 33ce2e95d9c5d6fb0a40e5ee9a2926903646b4e3
Author: Morla Porla <morla@overthewire.org>
Date:   Tue Oct 16 14:00:41 2018 +0200

    add data needed for development

commit a8af722fccd4206fc3780bd3ede35b2c03886d9b
Author: Ben Dover <noone@overthewire.org>
Date:   Tue Oct 16 14:00:41 2018 +0200

    add gif2ascii

commit 84abedc104bbc0c65cb9eb74eb1d3057753e70f8
Author: Ben Dover <noone@overthewire.org>
Date:   Tue Oct 16 14:00:41 2018 +0200

    fix username

commit 9b19e7d8c1aadf4edcc5b15ba8107329ad6c5650
Author: Ben Dover <noone@overthewire.org>
Date:   Tue Oct 16 14:00:41 2018 +0200

    initial commit of README.md
bandit29@bandit:/tmp/tmp.5vEfTyPY8r/repo$ ls
code  README.md
bandit29@bandit:/tmp/tmp.5vEfTyPY8r/repo$ cat code/gif2ascii.py

bandit29@bandit:/tmp/tmp.5vEfTyPY8r/repo$ cat README.md
# Bandit Notes
Some notes for bandit30 of bandit.

## credentials

- username: bandit30
- password: 5b90576bedb2cc04c86a9e924ce42faf

知识点

  1. git命令存在多个分支branch,分支只是历史树上的一个游标;
Posted on

Bandit Level 28 → Level 29

There is a git repository at ssh://bandit28-git@localhost/home/bandit28-git/repo. The password for the user bandit28-git is the same as for the user bandit28.

Clone the repository and find the password for the next level.

解密

bandit28@bandit:~$ mktemp -d
/tmp/tmp.0HXHG7V3Lt
bandit28@bandit:~$ cd /tmp/tmp.0HXHG7V3Lt
bandit28@bandit:/tmp/tmp.0HXHG7V3Lt$ git clone ssh://bandit28-git@localhost/home/bandit28-git/repo
Cloning into 'repo'...
Could not create directory '/home/bandit28/.ssh'.
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:98UL0ZWr85496EtCRkKlo20X3OPnyPSB5tB5RPbhczc.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/bandit28/.ssh/known_hosts).
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames

bandit28-git@localhost's password:
remote: Counting objects: 9, done.
remote: Compressing objects: 100% (6/6), done.
remote: Total 9 (delta 2), reused 0 (delta 0)
Receiving objects: 100% (9/9), done.
Resolving deltas: 100% (2/2), done.
bandit28@bandit:/tmp/tmp.0HXHG7V3Lt$ cd repo/
bandit28@bandit:/tmp/tmp.0HXHG7V3Lt/repo$ ls
README.md
bandit28@bandit:/tmp/tmp.0HXHG7V3Lt/repo$ cat README.md
# Bandit Notes
Some notes for level29 of bandit.

## credentials

- username: bandit29
- password: xxxxxxxxxx

bandit28@bandit:/tmp/tmp.0HXHG7V3Lt/repo$ git log
commit 073c27c130e6ee407e12faad1dd3848a110c4f95
Author: Morla Porla <morla@overthewire.org>
Date:   Tue Oct 16 14:00:39 2018 +0200

    fix info leak

commit 186a1038cc54d1358d42d468cdc8e3cc28a93fcb
Author: Morla Porla <morla@overthewire.org>
Date:   Tue Oct 16 14:00:39 2018 +0200

    add missing data

commit b67405defc6ef44210c53345fc953e6a21338cc7
Author: Ben Dover <noone@overthewire.org>
Date:   Tue Oct 16 14:00:39 2018 +0200

    initial commit of README.md
bandit28@bandit:/tmp/tmp.0HXHG7V3Lt/repo$ git checkout b67405defc6ef44210c53345fc953e6a21338cc7
Note: checking out 'b67405defc6ef44210c53345fc953e6a21338cc7'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -b with the checkout command again. Example:

  git checkout -b <new-branch-name>

HEAD is now at b67405d... initial commit of README.md
bandit28@bandit:/tmp/tmp.0HXHG7V3Lt/repo$ ls
README.md
bandit28@bandit:/tmp/tmp.0HXHG7V3Lt/repo$ cat README.md
# Bandit Notes
Some notes for level29 of bandit.

## credentials

- username: bandit29
- password: <TBD>

bandit28@bandit:/tmp/tmp.0HXHG7V3Lt/repo$ git checkout 186a1038cc54d1358d42d468cdc8e3cc28a93fcb
Previous HEAD position was b67405d... initial commit of README.md
HEAD is now at 186a103... add missing data
bandit28@bandit:/tmp/tmp.0HXHG7V3Lt/repo$ cat README.md
# Bandit Notes
Some notes for level29 of bandit.

## credentials

- username: bandit29
- password: bbc96594b4e001778eee9975372716b2

知识点

  1. git作为版本追踪工具,查看历史log
  2. 检出(checkout)到某个SHA历史点;
Posted on

Bandit Level 27 → Level 28

There is a git repository at ssh://bandit27-git@localhost/home/bandit27-git/repo. The password for the user bandit27-git is the same as for the user bandit27.

Clone the repository and find the password for the next level.

解密

bandit27@bandit:~$ mktemp -d
/tmp/tmp.RG0BBbh379
bandit27@bandit:~$ cd /tmp/tmp.RG0BBbh379
bandit27@bandit:/tmp/tmp.RG0BBbh379$ git clone ssh://bandit27-git@localhost/home/bandit27-git/repo
Cloning into 'repo'...
Could not create directory '/home/bandit27/.ssh'.
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:98UL0ZWr85496EtCRkKlo20X3OPnyPSB5tB5RPbhczc.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/bandit27/.ssh/known_hosts).
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames

bandit27-git@localhost's password:

remote: Counting objects: 3, done.
remote: Compressing objects: 100% (2/2), done.
remote: Total 3 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (3/3), done.
bandit27@bandit:/tmp/tmp.RG0BBbh379$ cd repo/
bandit27@bandit:/tmp/tmp.RG0BBbh379/repo$ ls
README
bandit27@bandit:/tmp/tmp.RG0BBbh379/repo$ cat README
The password to the next level is: 0ef186ac70e04ea33b4c1853d2526fa2

知识点

  1. git版本追踪工具基本命令clone
Posted on

Bandit Level 26 → Level 27

Good job getting a shell! Now hurry and grab the password for bandit27!

解密

bandit26@bandit:~$ ls -l bandit27-do
-rwsr-x--- 1 bandit27 bandit26 7296 Oct 16  2018 bandit27-do
bandit26@bandit:~$ ./bandit27-do cat /etc/bandit_pass/bandit27
3ba3118a22e93127a4ed485be72ef5ea

知识点

  1. ls -l发现可执行文件bandit27-do设置了setuid