Bandit Level 20 → Level 21

Level Goal

There is a setuid binary in the homedirectory that does the following: it makes a connection to localhost on the port you specify as a commandline argument. It then reads a line of text from the connection and compares it to the password in the previous level (bandit20). If the password is correct, it will transmit the password for the next level (bandit21).

NOTE: Changes to the infrastructure made this level more difficult. You will need to figure out a way to launch multiple commands in the same Docker instance.

NOTE 2: Try connecting to your own network daemon to see if it works as you think

Level Answer

1. cat [FILE] | nc [-l] [port] &

$ cat /etc/bandit_pass/bandit20 | nc -l 50000 &
[1] 13805

2. ./suconnect [portnumber]

$ ./suconnect 50000
Read: GbKksEFF4yrVs6il55v6gwY5aVje5f0j
Password matches, sending next password
gE269g2h3mw3pwgrj0Ha9Uoqen1c9DGr

3. ssh [-p port] [user@]hostname

[-p port] Port to connect to on the remote host.

$ ssh -p 2220 [email protected]

Level Password

gE269g2h3mw3pwgrj0Ha9Uoqen1c9DGr

Level 20 → Level 21

Bandit Level 20 → Level 21

Level Goal

Level Answer

Level Password

results matching ""

No results matching ""