Some more intel has been recovered, and it hints at new program developments the cyber bots system is running; the code is supposedly used to encrypt secrets.
The Linux challenges are consecutive, starting from part 1.
First, we must log in to bot3, using the previous flag as the password, and then change directory to bot3's home directory:
bot2@cybot01:~$ su bot3
Password:
bot3@cybot01:/home/bot2$ cd ~
Let's see what files there are here:
bot3@cybot01:~$ ls -la
total 24
dr-xr-x--- 2 root bot3 4096 Jun 18 09:51 .
drwxr-xr-x 10 root root 4096 Jun 18 09:51 ..
lrwxrwxrwx 1 root root 9 Jun 18 09:51 .bash_history -> /dev/null
-r--r----- 1 bot3 bot3 220 Feb 25 2020 .bash_logout
-r--r----- 1 bot3 bot3 3771 Feb 25 2020 .bashrc
-r--r----- 1 bot3 bot3 807 Feb 25 2020 .profile
-r--r----- 1 bot3 root 798 Jun 18 09:51 .viminfo
No flag file to be seen, and nothing too out of the ordinary. However, the .viminfo file looks promising.
bot3@cybot01:~$ cat .viminfo
# This viminfo file was generated by Vim 8.1.
# You may edit it if you're careful!
# Viminfo version
|1,4
# Value of 'encoding' when this file was written
*encoding=utf-8
# hlsearch on (H) or off (h):
~h
# Command Line History (newest to oldest):
:w
|2,0,1620820231,,"qa!"
:wq
# Search String History (newest to oldest):
# Expression History (newest to oldest):
# Input Line History (newest to oldest):
# Debug Line History (newest to oldest):
# Registers:
# File marks:
'0 1 15 /usr/local/share/secret
|4,48,1,15,1620820231,"/usr/local/share/secret"
# Jumplist (newest first):
-' 1 15 /usr/local/share/secret
|4,39,1,15,1620820231,"/usr/local/share/secret"
# History of marks within files (newest to oldest):
> /usr/local/share/secret
* 1620820228 0
" 1 15
^ 1 16
. 1 16
+ 1 16
The /usr/local/share/secret path is looking mighty sus; let's check that out:
bot3@cybot01:~$ cat /usr/local/share/secret
CDDC21{V1m_th3_s4vior}
Bingo. Vim the savior indeed.
CDDC21{V1m_th3_s4vior}
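The same triage done by eye above can be scripted when reviewing many home directories. This is an added example, not part of the original writeup: `parse_viminfo` and `iso` are hypothetical helper names, the sample input is constructed from the lines shown above, and the `|4,...` and `|2,...` fields are read as Vim's mark and history records (timestamp in the fifth and third field respectively).

```python
import re
from datetime import datetime, timezone

# Constructed sample: lines copied from the .viminfo output shown above.
SAMPLE = """\
# Command Line History (newest to oldest):
:w
|2,0,1620820231,,"qa!"
:wq
# File marks:
'0  1  15  /usr/local/share/secret
|4,48,1,15,1620820231,"/usr/local/share/secret"
# Jumplist (newest first):
-'  1  15  /usr/local/share/secret
|4,39,1,15,1620820231,"/usr/local/share/secret"
> /usr/local/share/secret
"""

# |4,<mark char code>,<line>,<col>,<unix time>,"<file>"
MARK = re.compile(r'^\|4,(\d+),(\d+),(\d+),(\d+),"(.*)"$')
# |2,<history type>,<unix time>,<separator>,"<entry>"
HIST = re.compile(r'^\|2,(\d+),(\d+),(\d*),"(.*)"$')

def iso(ts):
    """Unix seconds -> ISO 8601 UTC string, or None when no timestamp was recorded."""
    return datetime.fromtimestamp(ts, tz=timezone.utc).isoformat() if ts else None

def parse_viminfo(text):
    """Return the files Vim touched (with last-seen time) and the command history."""
    files, commands = {}, []
    for line in text.splitlines():
        if (m := MARK.match(line)):
            ts, path = int(m.group(4)), m.group(5)
            files[path] = max(ts, files.get(path) or 0)
        elif (m := HIST.match(line)):
            commands.append((iso(int(m.group(2))), m.group(4)))
        elif line.startswith(":"):            # history entry without a timestamp record
            commands.append((None, line[1:]))
        elif line.startswith("> "):           # "History of marks within files" header
            files.setdefault(line[2:].strip(), None)
    return {"files": {p: iso(t) for p, t in files.items()}, "commands": commands}

if __name__ == "__main__":
    report = parse_viminfo(SAMPLE)
    for path, when in report["files"].items():
        print(f"{when}  {path}")
```

On this page's file it reports a single path, /usr/local/share/secret, last edited 2021-05-12 11:50:31 UTC. To keep Vim from recording this trail, start it with `vim -i NONE` or put `set viminfo=` in the vimrc.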