Bandit Level 25 → Level 26

Level Goal

Logging in to bandit26 from bandit25 should be fairly easy… The shell for user bandit26 is not /bin/bash, but something else. Find out what it is, how it works and how to break out of it.

Level Answer

1. cat [FILE] | grep [PATTERN]

$ cat /etc/passwd | grep bandit26
bandit26:x:11026:11026:bandit level 26:/home/bandit26:/usr/bin/showtext

2. cat [FILE]

$ cat /usr/bin/showtext
#!/bin/sh

export TERM=linux

more ~/text.txt
exit 0

3. ssh [-i identity_file][-p port] [user@]hostname

[-i identity_file] Selects a file from which the identity (private key) for public key authentication is read.
[-p port] Port to connect to on the remote host.
Minimize the window to prevent the connection to bandit.labs.overthewire.org closed.

$ ssh -i bandit26.sshkey -p 2220 [email protected]

4. Click 'v' to launch vi

5. Type :e cat /etc/bandit_pass/bandit26

5czgV9L3Xx8JPOyRbXh6lQbmIOWvPT6Z
~                                                                                                                                                               
"/etc/bandit_pass/bandit26" [readonly] 1L, 33C

6. ssh [-p port] [user@]hostname

[-p port] Port to connect to on the remote host.

$ ssh -p 2220 [email protected]

Level Password

5czgV9L3Xx8JPOyRbXh6lQbmIOWvPT6Z

Level 25 → Level 26

Bandit Level 25 → Level 26

Level Goal

Level Answer

Level Password

results matching ""

No results matching ""