Level Goal
To gain access to the next level, you should use the setuid binary in the homedirectory. Execute is without arguments to find out how to use it. The password for this level can be found in the usual place (/etc/bandit_pass), after you have used to setuid binary.Helpful Reading Material
setuid on WikipediaSolution:
- [Comment] Using SSH to connect the server
- sp@simple-plan:~|=> ssh bandit19@bandit.labs.overthewire.org
...
bandit19@bandit.labs.overthewire.org's password: IueksS7Ubh8G3DCwVzrTd8rAVOwq3M5x - [Comment] Using ls command to list directory contents
- bandit19@melinda:~$ ls
bandit20-do - [Comment] Using ll = ls -l command to list directory contents in detail
- bandit19@melinda:~$ ll
total 28
drwxr-xr-x 2 root root 4096 Jun 6 2013 ./
drwxr-xr-x 160 root root 4096 Oct 17 09:23 ../
-rw-r--r-- 1 root root 220 Apr 3 2012 .bash_logout
-rw-r--r-- 1 root root 3486 Apr 3 2012 .bashrc
-rw-r--r-- 1 root root 675 Apr 3 2012 .profile
-rwsr-x--- 1 bandit20 bandit19 7237 Jun 6 2013 bandit20-do* - [Comment] Checking the binary file which has setuid permission bit set
- bandit19@melinda:~$ ./bandit20-do --help
Usage: env [OPTION]... [-] [NAME=VALUE]... [COMMAND [ARG]...]
Set each NAME to VALUE in the environment and run COMMAND.
-i, --ignore-environment start with an empty environment
-0, --null end each output line with 0 byte rather than newline
-u, --unset=NAME remove variable from the environment
--help display this help and exit
--version output version information and exit
A mere - implies -i. If no COMMAND, print the resulting environment.
Report env bugs to bug-coreutils@gnu.org
GNU coreutils home page:
General help using GNU software:
Report env translation bugs to
For complete documentation, run: info coreutils 'env invocation'
GbKksEFF4yrVs6il55v6gwY5aVje5f0j
logout
Connection to bandit.labs.overthewire.org closed.
No comments:
Post a Comment