{"id":1205,"date":"2019-09-07T13:50:08","date_gmt":"2019-09-07T05:50:08","guid":{"rendered":"http:\/\/van-yzt.com\/?p=1205"},"modified":"2019-09-07T13:50:08","modified_gmt":"2019-09-07T05:50:08","slug":"bandit-level-6-%e2%86%92-level-7","status":"publish","type":"post","link":"https:\/\/huzi-baozi.com\/?p=1205","title":{"rendered":"Bandit Level 6 \u2192 Level 7"},"content":{"rendered":"<p>The password for the next level is stored somewhere on the server and has all of the following properties:<\/p>\n<p>owned by user bandit7<br \/>\nowned by group bandit6<br \/>\n33 bytes in size<\/p>\n<h2>\n\u89e3\u5bc6<\/h2>\n<pre><code class=\"language-shell\">bandit6@bandit:~$ find \/  -type f -size 33c -user bandit7 -group bandit6 2&gt;&amp;1 | grep -v denied | grep -v 'No such'\n\/var\/lib\/dpkg\/info\/bandit7.password\nbandit6@bandit:~$ cat \/var\/lib\/dpkg\/info\/bandit7.password\nHKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs\n<\/code><\/pre>\n<h2>\n\u77e5\u8bc6\u70b9<\/h2>\n<ol>\n<li>\n<code>find<\/code>\u547d\u4ee4<code>-user<\/code>\u6307\u5b9a\u6587\u4ef6\u6240\u5c5e\u7528\u6237<\/li>\n<li>\n<code>find<\/code>\u547d\u4ee4<code>-group<\/code>\u6307\u5b9a\u6587\u4ef6\u6240\u5c5e\u7528\u6237\u7ec4<\/li>\n<li>\n<code>2&gt;&amp;1<\/code>\u91cd\u5b9a\u5411\u6807\u51c6\u9519\u8bef\u8f93\u51fa\u5230\u6807\u51c6\u8f93\u51fa<\/li>\n<li>\n<code>grep -v<\/code>\u7528\u4e8e\u53bb\u9664\u5339\u914d\u8f93\u51fa<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>The password for the next level is stored somewhere on the server and has all of the following properties: owned by user bandit7 owned by group bandit6 33 bytes in size \u89e3\u5bc6 bandit6@bandit:~$ find \/ -type f -size 33c -user bandit7 -group bandit6 2&gt;&amp;1 | grep -v denied | grep -v &#8216;No such&#8217; \/var\/lib\/dpkg\/info\/bandit7.password bandit6@bandit:~$ &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/huzi-baozi.com\/?p=1205\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Bandit Level 6 \u2192 Level 7&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-1205","post","type-post","status-publish","format-standard","hentry","category-bandit"],"_links":{"self":[{"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=\/wp\/v2\/posts\/1205","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1205"}],"version-history":[{"count":1,"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=\/wp\/v2\/posts\/1205\/revisions"}],"predecessor-version":[{"id":1206,"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=\/wp\/v2\/posts\/1205\/revisions\/1206"}],"wp:attachment":[{"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1205"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1205"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1205"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}