DEV Community

Cover image for Bandit Level 19 Level 20
Christian Paez
Christian Paez

Posted on

Bandit Level 19 Level 20

Introduction

Greetings, Welcome back to the OverTheWire Bandit challenges. In this level, we are presented with a custom binary that has to be exploited to get secret information.

Previous Flag

In the previous challenge, we successfully acquired the following flag:

Flag:

awhqfNnAbc1naukrpqDYcF95h7HoMTrC
Enter fullscreen mode Exit fullscreen mode

Exploring bandit20-do

Our next task involves the execution of the ./bandit20-do command. Let's initiate it and see what it does:

./bandit20-do
Enter fullscreen mode Exit fullscreen mode

It seems like this binary executes whatever bash command we provide as the user we want to escalate to, bandit20.

Retrieving Bandit20 Password

Now that we have access to bandit20-do, let's utilize it to read the contents of the /etc/bandit_pass/bandit20 file:

./bandit20-do cat /etc/bandit_pass/bandit20
Enter fullscreen mode Exit fullscreen mode

Executing this command should reveal the password for the Bandit level 20.

Flag:

VxCazJaVykI6W36BkBU0mJTCM8rR95XT
Enter fullscreen mode Exit fullscreen mode

Top comments (0)