OverTheWire - Bandit - Level 19 → Level 20

Connect to the server using the following credentials:

Server: bandit.labs.overthewire.org
Port: 2220
Username: bandit19
Password: IueksS7Ubh8G3DCwVzrTd8rAVOwq3M5x

Level Goal is:

To gain access to the next level, you should use the setuid binary in the homedirectory. Execute it without arguments to find out how to use it. The password for this level can be found in the usual place (/etc/bandit_pass), after you have used the setuid binary.

Let us execute the setuid binary:

bandit19@bandit:~$ ./bandit20-do 
Run a command as another user.
  Example: ./bandit20-do id

As it is running a command as another user, we can directly read the content of '/etc/bandit_pass/bandit20' to get the password for the next level:

bandit19@bandit:~$ ./bandit20-do cat /etc/bandit_pass/bandit20
GbKksEFF4yrVs6il55v6gwY5aVje5f0j
Show Comments