OverTheWire - Leviathan - Level 1

After logging into leviathan1 and checking the home directory we will see a program called check. If we run check it requests a password. If you were like me, you may have tried the password used to log in to this level expecting it to be like Bandit. It is not.

However, it does give us some insight into how the program probably operates. It takes our input and must compare it to some defined value. Use the strings command to print the strings of printable characters used by the ./check application.

strings ./check

You may be able to see the password in the returned results, but it is not blatantly obvious. If we use the linux command ltrace to find the strcmp function used we may be able to determine what our input is being compared to while it is executing.

ltrace ./check

After the program asks for input this time we should see the password it expects to receive.

When you input the password it expects you are dropped into a shell. You can run the whoami command to figure out which user you are, although it should be no surprise that it is Leviathan2. Use the following command to get the password to log in to leviathan2 directly.

cat /etc/leviathan_pass/leviathan2