Exploring OverTheWire: Level 20 to Level 21 - Bandit Challenge

📆 · ⏳ 2 min read · ·

Introduction

As we continue our ascent in the Bandit Challenge, Level 21 ↗️ presents an engaging challenge involving a setuid binary. Let’s get started!

Challenge Overview

💡

Level 21 challenges us to establish a connection with a setuid binary that connects to localhost on a port specified as a command-line argument. This binary reads a line of text, compares it with the password from the previous level, and transmits the password for the next level if the comparison succeeds.

Our approach involves setting up a server using the nc or netcat command, having the binary connect to it, and effectively transmitting the password.

Approach and Strategy

Follow these steps to successfully solve Level 21

Terminal window
ssh [email protected] -p 2220

Enter the password you obtained from the previous level.

Next we want to set up a server using the nc command to listen on a specified port and send the current password

Terminal window
echo {current_password} | nc -l -p {port}

Replace {current_password} with the password from the current level and {port} with the desired port number.

For example

Terminal window
echo VxCazJaVykI6W36BkBU0mJTCM8rR95XT | nc -l -p 1212

Now this will block the terminal window so you can either open another tab and login to level 20 or you can run this in the background by adding & to the end of the command. So the updated command would be like this

Terminal window
echo VxCazJaVykI6W36BkBU0mJTCM8rR95XT | nc -l -p 1212 &

Once this is done, we can run the setuid binary to connect to the server we just set up on the port 1212 (or whatever port you chose)

Terminal window
./suconnect {port}

Replace {port} with the port number specified before (1212 in this example).

In the terminal running the nc command, you should receive the transmitted password. Take note of it for the next level.

Notes

  • Use the -l option with nc to specify a port for listening.
  • Use the & operator to run a command in the background.

Conclusion

Congratulations on successfully completing Level 21 of the Bandit Challenge! By strategically setting up a server with the nc command, connecting to it using the setuid binary, and effectively transmitting the password, we gained access to the next level.

Stay tuned for the next blog post, where we’ll tackle Level 22 and continue our quest to become skilled cybersecurity practitioners.

You may also like

  • Exploring OverTheWire: Level 19 to Level 20 - Bandit Challenge

    Welcome back to our thrilling journey through the Bandit Challenge! In this blog post, we're poised to conquer Level 20, where we encounter a setuid binary that holds the key to our progress. Join me as we explore the concept of setuid binaries, learn how to execute them, and successfully uncover the password to continue our journey. Let's dive in!

  • Exploring OverTheWire: Level 18 to Level 19 - Bandit Challenge

    Welcome back to our riveting journey through the Bandit Challenge! In this blog post, we're set to conquer Level 19, where a password is concealed within a file. However, a clever twist awaits us—someone has tampered with the system to log us out during SSH login. Join me as we navigate through this challenge using commands like ssh, ls, and cat, all while devising strategies to overcome the unexpected hurdle. Let's dive in!

  • Exploring OverTheWire: Level 17 to Level 18 - Bandit Challenge

    Welcome back to our captivating journey through the Bandit Challenge! In this blog post, we're set to conquer Level 18, where our mission is to identify the password that has been changed between two files. Join me as we explore file comparisons, employ commands like cat, grep, and diff, and successfully uncover the password to progress further. Let's dive in!