Skip to main content

Posts

Showing posts with the label Bandit 20

Over the Wire - Bandit 20

Bandit 20 Objectives Level GoalTo gain access to the next level, you should use the setuid binary in the homedirectory. Execute it without arguments to find out how to use it. The password for this level can be found in the usual place (/etc/bandit_pass), after you have used the setuid binary. Solution lets see what the ./bandit20-do..... does bandit19@bandit:~$ ./bandit20-do aaaa env: ‘aaaa’: No such file or directory ok so it takes some input  ..... lets see what ls does? bandit19@bandit:~$ ./bandit20-do ls bandit20-do ok so it looks like it runs what ever command we throw at it. Let's try to cat into the password file for level 20 bandit19@bandit:~$ ./bandit20-do cat /etc/bandit_pass/bandit20 GbKksEFF4yrVs6il55v6gwY5aVje5f0j cool so that wasn't too hard once again we are going to skip the python version of this level .... or maybe we will I'm not sure.. is there any python below here? if not then I skipped it if so I felt a little too bad skippin