Lessons Learned
Logging in
On a Kali VM / Linux machine
Type:
Completing The Challenge
The Goal:
There is a setuid binary in the home directory that does the following: it makes a connection to localhost on the port you specify as a command-line argument. It then reads a line of text from the connection and compares it to the password in the previous level (bandit20). If the password is correct, it will transmit the password for the next level (bandit21).
The Solution:
bandit20@bandit:~$ nc -l -p 2000
^Z
[1]+ Stopped nc -l -p 2000
bandit20@bandit:~$ ./suconnect 2000
^Z
[2]+ Stopped ./suconnect 2000
bandit20@bandit:~$ fg 1
nc -l -p 2000
GbKksEFF4yrVs6il55v6gwY5aVje5f0j
^Z
[1]+ Stopped nc -l -p 2000
bandit20@bandit:~$ fg 2
./suconnect 2000
Read: GbKksEFF4yrVs6il55v6gwY5aVje5f0j
Password matches, sending next password
bandit20@bandit:~$ fg1
-bash: fg1: command not found
bandit20@bandit:~$ fg 1
nc -l -p 2000
gE269g2h3mw3pwgrj0Ha9Uoqen1c9DGr
This took me some time, since I kept wanting to use -c, but that sends one message and closes. It wasn't until I read https://www.computerhope.com/unix/nc.htm that I understood that "nc -l -p port" creates an active connection that won't actively close after the first message and can be used to keep sending and receiving messages.
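The exchange described under The Goal, as an added example that is not part of the original post: a Python listener plays the role of "nc -l -p", and mock_suconnect is a hypothetical stand-in for the setuid binary, written only from the level description. The passwords are constructed placeholders, and the silent close on a mismatch is an assumption.

```python
import socket
import threading

# Constructed placeholder values, not real Bandit passwords.
CURRENT_PW = "current-level-password-placeholder"
NEXT_PW = "next-level-password-placeholder"


def mock_suconnect(port, current_pw, next_pw):
    """Hypothetical stand-in for ./suconnect, built only from the level text:
    connect to localhost:port, read one line, reply only if it matches."""
    with socket.create_connection(("127.0.0.1", port)) as conn:
        with conn.makefile("r") as reader:
            line = reader.readline().strip()
        if line == current_pw:
            conn.sendall((next_pw + "\n").encode())
        # Assumption: on a mismatch nothing is sent and the socket just closes.


def serve_once(listener, password):
    """What the nc listener does in the session: accept one connection,
    send the current password, then keep the socket open to read the reply."""
    conn, _ = listener.accept()
    with conn, conn.makefile("r") as reader:
        conn.sendall((password + "\n").encode())
        return reader.readline().strip()


def run_exchange(sent_pw):
    """Run both sides on an ephemeral localhost port and return the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as listener:
        listener.bind(("127.0.0.1", 0))  # port 0: the OS picks a free port
        listener.listen(1)
        port = listener.getsockname()[1]
        client = threading.Thread(
            target=mock_suconnect, args=(port, CURRENT_PW, NEXT_PW)
        )
        client.start()
        reply = serve_once(listener, sent_pw)
        client.join()
        return reply


if __name__ == "__main__":
    print("correct password ->", repr(run_exchange(CURRENT_PW)))
    print("wrong password   ->", repr(run_exchange("wrong")))
```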