Skip to main content
j2234’s log

bandit26

·70 words·1 min· loading
DEV
Table of Contents
bandit - This article is part of a series.
Part 1: bandit lv0
Part 2: bandit lv 6,7
Part 3: bandit lv 1~5
Part 4: bandit8
Part 5: bandit 9
Part 6: bandit10
Part 7: bandit 11
Part 8: bandit12
Part 9: bandit13
Part 10: bandit14
Part 11: bandit15
Part 12: bandit16
Part 13: bandit17
Part 14: bandit18
Part 15: bandit19
Part 16: bandit20
Part 17: bandit21
Part 18: bandit22
Part 19: bandit23
Part 20: bandit24
Part 21: bandit25
Part 22: This Article
Part 23: bandit27
Part 24: bandit28 (소름)
Part 25: bandit29
Part 26: bandit30
Part 27: bandit31
Part 28: bandit32
Part 29: bandit33(미완)

bandit25에서 얻은 쉘에서 접속해야한다

Good job getting a shell! Now hurry and grab the password for bandit27! Commands you may need to solve this level

칭찬받았다 :)

풀이
#

ls를 쳐보면, bandit27-do라는 파일이 보인다 권한이 다음과 같다

-rwsr-x---  1 bandit27 bandit26 14876 Dec  3 08:14 bandit27-do

x자리에 s가 보이는데, 이는 setuid를 뜻한다 다음과 같이, 파일 소유자의 권한을 빌릴 수 있다

bandit26@bandit:~$ ./bandit27-do whoami
bandit27

비번찾기

bandit26@bandit:~$ ./bandit27-do cat /etc/bandit_pass/bandit27
#YnQpBuifNMas1hcUFk70ZmqkhUU2EuaS
bandit - This article is part of a series.
Part 1: bandit lv0
Part 2: bandit lv 6,7
Part 3: bandit lv 1~5
Part 4: bandit8
Part 5: bandit 9
Part 6: bandit10
Part 7: bandit 11
Part 8: bandit12
Part 9: bandit13
Part 10: bandit14
Part 11: bandit15
Part 12: bandit16
Part 13: bandit17
Part 14: bandit18
Part 15: bandit19
Part 16: bandit20
Part 17: bandit21
Part 18: bandit22
Part 19: bandit23
Part 20: bandit24
Part 21: bandit25
Part 22: This Article
Part 23: bandit27
Part 24: bandit28 (소름)
Part 25: bandit29
Part 26: bandit30
Part 27: bandit31
Part 28: bandit32
Part 29: bandit33(미완)