Level 20¶
Objectives¶
- SSH to
bandit19
- Use the SUID binary in the homedirectory to get the password from
/etc/bandit_pass
Objective 1¶
- Username:
bandit19
- Password:
IueksS7Ubh8G3DCwVzrTd8rAVOwq3M5x
- Port:
2220
- IP/Hostname:
bandit.labs.overthewire.org
user@localhost:~$ ssh -p 2220 [email protected]
Success!
Objective 2¶
We need to find out how to use the binary.
They tell us to run the binary without arguments to learn what it does.
bandit19@bandit:~$ ./bandit20-do
Run a command as another user.
Example: ./bandit20-do id
So all we need to do is run the binary (which should run as bandit20
) to try to read /etc/bandit_pass/bandit20
.
bandit19@bandit:~$ ./bandit20-do cat /etc/bandit_pass/bandit20
GbKksEFF4yrVs6il55v6gwY5aVje5f0j