bandit 21 machine is very simple, where you have to check which command is running by cronjob in the machine.
So, let’s start by logging into bandit 21 machine
ssh firstname.lastname@example.org -p 2220
and we have the password from the previous level
now, let’s open the cron file to see which commands are scheduled to run.
then let’s list all the files that are in the directory
let’s read cronjob_bandit22 file
@reboot bandit22 /usr/bin/cronjob_bandit22.sh &> /dev/null * * * * * bandit22 /usr/bin/cronjob_bandit22.sh &> /dev/null
now, we know where the program is located, so let’s go there
and you should see the following text
#!/bin/bash chmod 644 /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv cat /etc/bandit_pass/bandit22 > /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv
So the program is saving bandit22’s password into a file in tmp folder, so let’s read that file and get the password.
and voila! we get the password for the next level