Level Goal
A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed.
Solution
Password: gE269g2h3mw3pwgrj0Ha9Uoqen1c9DGr
|
1 |
$ ssh [email protected] -p 2220 |
Let’s do what we’re told and check out the cron directory.
|
1 2 |
[email protected]:~$ ls /etc/cron.d/ cronjob_bandit22 cronjob_bandit23 cronjob_bandit24 popularity-contest |
We want the bandit22 password, so let’s check out cronjob_bandit22.
|
1 2 3 |
[email protected]:~$ cat /etc/cron.d/cronjob_bandit22 @reboot bandit22 /usr/bin/cronjob_bandit22.sh &> /dev/null * * * * * bandit22 /usr/bin/cronjob_bandit22.sh &> /dev/null |
We have a script that’s sending its output to The Abyss every minute. Let’s check out what the script does.
|
1 2 3 4 |
[email protected]:~$ cat /usr/bin/cronjob_bandit22.sh #!/bin/bash chmod 644 /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv cat /etc/bandit_pass/bandit22 > /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv |
The contents of bandit22‘s password file is being output to a weird file. Let’s read that file.
|
1 2 |
[email protected]:~$ cat /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv Yk7owGAcWjwMVRwrTesJEwB7WVOiILLI |
Jinkies.