Labels

OverTheWire Bandit Level 26->Level 27 - Walkthrough

Cybersecurity - OverTheWire Bandit Solutions
OverTheWire Bandit Solutions

Introduction

In this post, I will be giving you a walkthrough to the Bandit wargame Level 26->Level 27. We will use the knowledge from previous levels to clear this level as no new command is required.

Goal

Good job getting a shell! Now hurry and grab the password for bandit27! Get the password for bandit27 from the shell we were able launch for bandit26.

Login Details

Server - bandit.labs.overthewire.org
Port - 2220
Username - bandit26
Password - c7GvcKlw9mC7aUQaPx7nwFstuAIBw101

Theory

Utilise the knowledge from Level 26 walkthrough to get the shell after logging in to bandit26.

Go through the Level 20 walkthrough to understand linux permissions and suid special permission. 

Solution

SSH into the user bandit26 using the command "ssh bandit26@bandit.labs.overthewire.org -p 2220" and the above password. Make sure that the terminal window is very short so that the more command enters the interactive mode. Now, press the key "v" to open the vim editor. We can expand the terminal now and enter the commands-:

  • :set shell=/bin/bash
  • Press "Enter" key
  • :shell
  • Press "Enter" key

Now we have launched the bash shell for user bandit26. Type "ls -l" to see if there are any files in the current directory and its permissions.

We can see that a binary file by the name "bandit27-do" is present having the owner as bandit27 and the SUID bit is also set. From our learnings in Level 20 walkthrough, we can say that if we run any other command then that command will have the same permissions as the owner of the binary.

Therefore, type the command "./bandit27-do cat /etc/bandit_pass/bandit27" to get the password for bandit27.

Note - When you are in bash shell of bandit26, type "exit" to logout. This will take you back to vim editor. Type ":q" to quit the vim editor and go back to the default shell of bandit26 with more command in interactive mode.

This completes Level 27 walkthrough. Please post your questions and doubts in the comment section.




Labels:

Comments

Post a Comment

Popular Posts