OverTheWire - Bandit - Level 21

Level Goal

There is a setuid binary in the home directory that does the following: it makes a connection to localhost on the port you specify as a command line argument. It then reads a line of text from the connection and compares it to the password in the previous level (bandit20). If the password is correct, it will transmit the password for the next level (bandit21).

NOTE: To beat this level, you will need to log in twice: once to run the setuid command, and once to start a network daemon to which the setuid will connect.

NOTE: Try connecting to your own network daemon to see if it works as you think

Commands you may need to solve this level

• ssh
• nc
• cat

Helpful Reading Material

• None provided, however I recommend reading up on the nc command.

---

We will need two console windows to work with. From one console window let's start nc listening on a port of our choice.

nc -l 7777

In the second console window start the suconnect file in the home directory on the same port you specified nc to listen on.

./suconnect 7777

Go back to the first console and paste in the command for the previous level. In your first window you should see the following:

Finally go back to the second console and you should see the password displayed and nc should have terminated.

Use this password to log into bandit21.