[Bandit-OverTheWire] Level 20 -> Level 21

두비니

·

2020. 9. 24. 08:00

 

 

Bandit Level 20 → Level 21

Level Goal

There is a setuid binary in the homedirectory that does the following: it makes a connection to localhost on the port you specify as a commandline argument. It then reads a line of text from the connection and compares it to the password in the previous level (bandit20). If the password is correct, it will transmit the password for the next level (bandit21).

NOTE: Try connecting to your own network daemon to see if it works as you think

Commands you may need to solve this level

ssh, nc, cat, bash, screen, tmux, Unix ‘job control’ (bg, fg, jobs, &, CTRL-Z, …)

 

 

접속

접속 : ssh bandit20@bandit.labs.overthewire.org -p2220
pw : GbKksEFF4yrVs6il55v6gwY5aVje5f0j

 

디렉토리를 확인해보니 suconnect라는 파일이 있네요. 확인해봅시다.

 

bandit20@bandit:~$ ls
suconnect
bandit20@bandit:~$ ./suconnect
Usage: ./suconnect <portnumber>
This program will connect to the given port on localhost using TCP. 
If it receives the correct password from the other side, the next password is transmitted back.
bandit20@bandit:~$ 

 

suconnect는 port이름을 넘겨서 그 포트로 연결하게 됩니다.

그럼 내 terminal에서 nc listen으로 하나 열어놓고, 거기로 접속한 뒤 문제를 풀면 될 것 같네요

 

 

 

굳구루굳굳굳굳