Bandit Level 20 → Level 21

There is a setuid binary in the homedirectory that does the following: it makes a connection to localhost on the port you specify as a commandline argument. It then reads a line of text from the connection and compares it to the password in the previous level (bandit20). If the password is correct, it will transmit the password for the next level (bandit21).

NOTE: Try connecting to your own network daemon to see if it works as you think

解密

  1. 使用一个nc -l -p 1115 < /etc/bandit_pass/bandit20命令作为server监听端口1115,并且输入当前密码;
  2. 打开另一个端口,使用./suconnect 12345
  3. 立马得到gE269g2h3mw3pwgrj0Ha9Uoqen1c9DGr

知识点

  1. nc作为服务器监听端口-l -p