[Bandit-OverTheWire] Level 22 -> Level 23

두비니 · 2020. 9. 24. 23:26

Bandit Level 22 → Level 23

Level Goal

A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed.

NOTE: Looking at shell scripts written by other people is a very useful skill. The script for this level is intentionally made easy to read. If you are having problems understanding what it does, try executing it to see the debug information it prints.

Commands you may need to solve this level

cron, crontab, crontab(5) (use “man 5 crontab” to access this)

 

 

Connecting

Login: ssh bandit22@bandit.labs.overthewire.org -p2220
pw : Yk7owGAcWjwMVRwrTesJEwB7WVOiILLI

This level is in the same vein as the previous one.

 

bandit22@bandit:~$ cat /etc/cron.d/cronjob_bandit23
@reboot bandit23 /usr/bin/cronjob_bandit23.sh  &> /dev/null
* * * * * bandit23 /usr/bin/cronjob_bandit23.sh  &> /dev/null

 

Let's take a look at the script.

 

bandit22@bandit:~$ cat /usr/bin/cronjob_bandit23.sh
#!/bin/bash

myname=$(whoami)
mytarget=$(echo I am user $myname | md5sum | cut -d ' ' -f 1)

echo "Copying passwordfile /etc/bandit_pass/$myname to /tmp/$mytarget"

cat /etc/bandit_pass/$myname > /tmp/$mytarget

 

It looks like we need to work out the value of mytarget.

The job runs as bandit23, so myname is bandit23; let's run the same pipeline with that name.

 

bandit22@bandit:~$ cat /usr/bin/cronjob_bandit23.sh &> /dev/null
bandit22@bandit:~$ echo I am user bandit23 | md5sum | cut -d ' ' -f 1
8ca319486bfbbc3663ea0fbe81326349

 

So we just need to read the value stored in /tmp/8ca319486bfbbc3663ea0fbe81326349, right?

 

bandit22@bandit:~$ cat /tmp/8ca319486bfbbc3663ea0fbe81326349
jc1udXuA1tiHqjIsL8yaapX5XIAI6i0n
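
Why the level works, and one way the job could avoid it, as an added example that is not part of the original post or of the OverTheWire script: the target name depends only on the user name, so any local user can recompute it. The function names are hypothetical, the sample secret is constructed, and the hardened variant (mktemp under a restrictive umask) is an assumed fix.

```bash
#!/bin/bash
# Added example, not part of the original post. Function names are hypothetical.

# Same derivation as cronjob_bandit23.sh: the file name depends only on the
# user name, so every local user can recompute where the password lands.
predictable_target() {
    echo I am user "$1" | md5sum | cut -d ' ' -f 1
}

# Hardened variant (an assumption about how the job could be fixed):
# copy $1 into directory $2 under a random name that only the owner can read.
# The body runs in a subshell so the umask change does not leak to the caller.
write_private_copy() (
    umask 077
    out=$(mktemp "$2/pass.XXXXXXXXXX") || exit 1   # created with mode 0600
    cat -- "$1" > "$out" || { rm -f -- "$out"; exit 1; }
    printf '%s\n' "$out"
)

# True when the path is a regular file with mode -rw------- (owner only).
is_owner_only() {
    [ "$(ls -ld -- "$1" | cut -c1-10)" = "-rw-------" ]
}

# Demo on constructed data in a throwaway directory.
demo_dir=$(mktemp -d) || exit 1
printf 'constructed-secret\n' > "$demo_dir/secret"
echo "predictable path: /tmp/$(predictable_target bandit23)"
copy=$(write_private_copy "$demo_dir/secret" "$demo_dir") || exit 1
is_owner_only "$copy" && echo "private copy: $copy (owner-only)"
rm -rf -- "$demo_dir"
```

With a random name and owner-only permissions, knowing how the name is derived no longer helps another account: the file can be neither located by recomputation nor opened.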