OverTheWire - Bandit - Level 32 → Level 33

Warning: This post contains a solution!

Continue only if:
1.) you want to see a possible alternative solution or
2.) you are stuck and need a hint!


Connect to the server using the following credentials:

Server: bandit.labs.overthewire.org
Port: 2220
Username: bandit32
Password: 56a9bf19c63d650ce78e6ec0354ee45e

Level Goal is:

After all this git stuff its time for another escape. Good luck!

Once logged in, we are welcomed by the message "WELCOME TO THE UPPERCASE SHELL".

WELCOME TO THE UPPERCASE SHELL
>>

A few attempts show us that everything we enter is converted to uppercase letters.

>> ls
sh: 1: LS: not found
>> ..
sh: 1: ..: Permission denied
>> cat
sh: 1: CAT: not found
>>

As commands that could help us to solve this level, sh and man are given. After some googling and reading the man page I came across "$0" which allows us to invoke a shell.
The next steps are simple, we print the contents of the file bandit33 under /etc/bandit_pass/bandit33.

>> $0
$ echo $0
sh
$ cat /etc/bandit_pass/bandit33
c9c3199ddf4121b10cf581a98d51caee

References

* https://www.gnu.org/savannah-checkouts/gnu/bash/manual/bash.html#Positional-Parameters
* https://unix.stackexchange.com/questions/280454/what-is-the-meaning-of-0-in-the-bash-shell

Show Comments