[Bandit-OverTheWire] Level 19 -> Level 20

두비니

·

2020. 9. 23. 23:41

 

 

Bandit Level 19 → Level 20

Level Goal

To gain access to the next level, you should use the setuid binary in the homedirectory. Execute it without arguments to find out how to use it. The password for this level can be found in the usual place (/etc/bandit_pass), after you have used the setuid binary.

Helpful Reading Material

 

 

접속

접속 : ssh bandit19@bandit.labs.overthewire.org -p2220
pw : IueksS7Ubh8G3DCwVzrTd8rAVOwq3M5x

 

자 이제 디렉토리에 있는 setuid를 잘 사용해서 비밀번호를 찾아내라는 것 같은데, 일단 디렉토리 안에있는 ./bandit20-do

 

bandit19@bandit:~$ ./bandit20-do 
Run a command as another user.
  Example: ./bandit20-do id

 

보니깐 bandit20의 권한을 빌려서 실행을 시킬 수 있는것같네요. 그럼 비밀번호를 여는데 사용하면 되겠죠?

 

 

bandit19@bandit:~$ ./bandit20-do cat /etc/bandit_pass/bandit20
GbKksEFF4yrVs6il55v6gwY5aVje5f0j

 

끝!