Exploring OverTheWire: Level 20 to Level 21 - Bandit Challenge

Introduction

As we continue our ascent in the Bandit Challenge, Level 21 ↗️ presents an engaging challenge involving a setuid binary. Let’s get started!

Challenge Overview

Our approach involves setting up a server using the nc or netcat command, having the binary connect to it, and effectively transmitting the password.

Approach and Strategy

Follow these steps to successfully solve Level 21

ssh [email protected] -p 2220

Enter the password you obtained from the previous level.

Next we want to set up a server using the nc command to listen on a specified port and send the current password

echo {current_password} | nc -l -p {port}

Replace {current_password} with the password from the current level and {port} with the desired port number.

For example

echo VxCazJaVykI6W36BkBU0mJTCM8rR95XT | nc -l -p 1212

Now this will block the terminal window so you can either open another tab and login to level 20 or you can run this in the background by adding & to the end of the command. So the updated command would be like this

echo VxCazJaVykI6W36BkBU0mJTCM8rR95XT | nc -l -p 1212 &

Once this is done, we can run the setuid binary to connect to the server we just set up on the port 1212 (or whatever port you chose)

./suconnect {port}

Replace {port} with the port number specified before (1212 in this example).

In the terminal running the nc command, you should receive the transmitted password. Take note of it for the next level.

Notes

• Use the -l option with nc to specify a port for listening.
• Use the & operator to run a command in the background.

Conclusion

Congratulations on successfully completing Level 21 of the Bandit Challenge! By strategically setting up a server with the nc command, connecting to it using the setuid binary, and effectively transmitting the password, we gained access to the next level.

Stay tuned for the next blog post, where we’ll tackle Level 22 and continue our quest to become skilled cybersecurity practitioners.