The Bandit 21 level is very simple: you have to check which command is being run by a cron job on the machine.
So, let’s start by logging into the bandit21 machine:
ssh bandit21@bandit.labs.overthewire.org -p 2220
We have the password from the previous level:
gE269g2h3mw3pwgrj0Ha9Uoqen1c9DGr
Now, let’s go to the cron directory to see which commands are scheduled to run:
cd /etc/cron.d
Then let’s list all the files in the directory.
Let’s read the cronjob_bandit22 file:
@reboot bandit22 /usr/bin/cronjob_bandit22.sh &> /dev/null
* * * * * bandit22 /usr/bin/cronjob_bandit22.sh &> /dev/null
Now we know where the script is located, so let’s read it:
cat /usr/bin/cronjob_bandit22.sh
You should see the following text:
#!/bin/bash
chmod 644 /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv
cat /etc/bandit_pass/bandit22 > /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv
So the script makes a file in the /tmp folder world-readable (chmod 644) and writes bandit22’s password into it. Let’s read that file and get the password:
cat /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv
And voilà! We get the password for the next level:
Yk7owGAcWjwMVRwrTesJEwB7WVOiILLI
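From the defender's side, the pattern in this level can be found by audit. The following is an added example, not part of the original post: a heuristic scan of cron.d-format entries that flags job scripts which chmod a /tmp file world-readable or redirect output into /tmp. The function names, the root-prefix argument and the /tmp/EXAMPLE file name are assumptions, and the fixture is constructed to mirror the entries shown above.

```sh
# Added example (not from the original post): flag cron.d jobs whose script
# makes a /tmp file world-readable or redirects output into /tmp.

# Print "user script" for every job in a cron.d-format file (has a user field).
cron_jobs() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }               # comment or blank line
        /^[ \t]*[A-Za-z_][A-Za-z0-9_]*[ \t]*=/ { next } # VAR=value line
        $1 ~ /^@/ { print $2, $3; next }                # @reboot user command
        NF >= 7   { print $6, $7 }                      # m h dom mon dow user command
    ' "$1" | sort -u
}

# Print one line per risky pattern found in a script; nothing if none apply.
script_findings() {
    # chmod whose last octal digit lets "other" read (4-7), on a /tmp path
    grep -Eq 'chmod[[:space:]]+[0-7]{2,3}[4-7][[:space:]]+/tmp/' "$1" &&
        echo "world-readable chmod on /tmp file"
    grep -Eq '>[[:space:]]*/tmp/' "$1" && echo "redirects output into /tmp"
    return 0
}

# audit_cron CRONFILE ROOT: ROOT is prepended to script paths so a mounted
# image or a fixture can be audited instead of the live system.
audit_cron() {
    cron_jobs "$1" | while read -r job_user job_script; do
        [ -f "$2$job_script" ] || continue
        script_findings "$2$job_script" | while IFS= read -r reason; do
            printf '%s %s: %s\n' "$job_user" "$job_script" "$reason"
        done
    done
}

# Constructed fixture mirroring the post; /tmp/EXAMPLE is a placeholder name.
make_fixture() {
    mkdir -p "$1/etc/cron.d" "$1/usr/bin"
    printf '%s\n' '@reboot bandit22 /usr/bin/cronjob_bandit22.sh &> /dev/null' \
        '* * * * * bandit22 /usr/bin/cronjob_bandit22.sh &> /dev/null' \
        > "$1/etc/cron.d/cronjob_bandit22"
    printf '%s\n' '#!/bin/bash' 'chmod 644 /tmp/EXAMPLE' \
        'cat /etc/bandit_pass/bandit22 > /tmp/EXAMPLE' \
        > "$1/usr/bin/cronjob_bandit22.sh"
}

demo_root=$(mktemp -d)
make_fixture "$demo_root"
audit_cron "$demo_root/etc/cron.d/cronjob_bandit22" "$demo_root"
rm -rf "$demo_root"
```

Run against the fixture, it reports both findings for cronjob_bandit22.sh once, because the @reboot and every-minute entries point at the same script.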