Bandit level 5
Level Goal
The password for the next level is stored in a file somewhere under the inhere directory and has all of the following properties:
- human-readable
- 1033 bytes in size
- not executable
Now we are getting something a bit more challenging than just catting out a single file: we need to find the file in a directory with many subdirectories and files. But we know a few things about the file that will help us find it, and all of them are listed above.
Useful commands here:
- ls
- cd
- cat
- find
Solution - Spoiler Alert!
After I cd into the inhere directory, I performed an ls -la as usual to see what I have to deal with, and found a lot of different directories. Great, it looks like we need to find a needle in the haystack. Easiest way to find a needle in a haystack? Magnet! And our magnet is the find command. This is a very powerful command to, well, find things. The strength of the find command lies in its options.
We need one option for each of the known variables, preferably. The very first option and argument combo I added is -type f, which specifies that we are looking for a file. Then we need to look for files that are not executable. By using the -perm option we can look for set permissions. -perm /111 will match files that have any of the execute permission bits set, for user, group or other. That is the opposite of what we want. To flip it around we can use a NOT operator, in this case an exclamation mark. ! -perm /111 will be our option for excluding executables.
We still have a lot of files to choose from, but we know the size of it, 1033 bytes. To filter by size we can add -size 1033c. I tried 1033b for bytes, but that did not work, and it turns out c is the correct suffix for bytes. Now we are left with one file, but as someone that is fond of one-liners in bash, we can add some more. By adding -exec cat {} \; we can execute directly on the file.
This will cat out the content of the file we have found, and we have our password!
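The filters described above combined into one search, as an added example that is not part of the original post. The function names, the demo directory tree and the printable-character test standing in for the "human-readable" property are assumptions made for this example.

```shell
#!/bin/sh
# One-liner form of the options discussed in the post:
#   find . -type f -size 1033c ! -perm /111 -exec cat {} \;
# Note on -size: the c suffix counts bytes; b counts 512-byte blocks,
# so 1033b asks for a file of roughly half a megabyte.

# is_text FILE: succeeds when FILE holds only printable ASCII and whitespace.
# Assumed stand-in for "human-readable"; checking the output of `file FILE`
# for "text" is the other common approach.
is_text() {
    leftover=$(LC_ALL=C tr -d '[:print:][:space:]' < "$1" | wc -c)
    [ "$leftover" -eq 0 ]
}

# find_password_file DIR: print every path under DIR that is a regular file,
# exactly 1033 bytes, has no execute bit set, and is human-readable.
find_password_file() {
    find "$1" -type f -size 1033c ! -perm /111 | while IFS= read -r f; do
        if is_text "$f"; then printf '%s\n' "$f"; fi
    done
}

# build_demo_tree DIR: constructed sample data, not the real level's files.
build_demo_tree() {
    mkdir -p "$1/dir_a" "$1/dir_b" "$1/dir_c"
    head -c 1033 /dev/zero | tr '\0' 'a' > "$1/dir_a/target"   # matches all
    head -c 1033 /dev/zero | tr '\0' 'a' > "$1/dir_a/script"   # executable
    head -c 1033 /dev/zero               > "$1/dir_b/blob"     # not text
    head -c 1034 /dev/zero | tr '\0' 'a' > "$1/dir_c/toolong"  # wrong size
    chmod 644 "$1/dir_a/target" "$1/dir_b/blob" "$1/dir_c/toolong"
    chmod 755 "$1/dir_a/script"
}

# Demo run: only dir_a/target should be printed.
demo=$(mktemp -d)
build_demo_tree "$demo"
find_password_file "$demo"
rm -rf "$demo"
```

In the demo tree, size and permissions alone still leave two candidates (target and blob), which is why the readability check is kept as a separate filter.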