{"id":1237,"date":"2019-09-09T14:02:26","date_gmt":"2019-09-09T06:02:26","guid":{"rendered":"http:\/\/van-yzt.com\/?p=1237"},"modified":"2019-09-09T14:02:26","modified_gmt":"2019-09-09T06:02:26","slug":"bandit-level-19-%e2%86%92-level-20","status":"publish","type":"post","link":"https:\/\/huzi-baozi.com\/?p=1237","title":{"rendered":"Bandit Level 19 \u2192 Level 20"},"content":{"rendered":"<p>To gain access to the next level, you should use the setuid binary in the homedirectory. Execute it without arguments to find out how to use it. The password for this level can be found in the usual place (\/etc\/bandit_pass), after you have used the setuid binary.<\/p>\n<h2>\n\u89e3\u5bc6<\/h2>\n<pre><code class=\"language-shell\">bandit19@bandit:~$ ls -l\ntotal 8\n-rwsr-x--- 1 bandit20 bandit19 7296 Oct 16  2018 bandit20-do\nbandit19@bandit:~$ .\/bandit20-do cat \/etc\/bandit_pass\/bandit20\nGbKksEFF4yrVs6il55v6gwY5aVje5f0j\n<\/code><\/pre>\n<h2>\n\u77e5\u8bc6\u70b9<\/h2>\n<ol>\n<li>\n<code>ls -l<\/code>\u770b\u5230\u6587\u4ef6<code>bandit20-do<\/code>\u5728\u6267\u884c\u4f4d\u4e0a\u7684\u6807\u5fd7\u4e3a<code>s<\/code>\uff0c\u8868\u540d\u8bbe\u7f6e\u4e86setuid\uff0c\u5373\u201c\u6267\u884c\u8be5\u6587\u4ef6\u4f1a\u4ee5\u6587\u4ef6\u6240\u6709\u8005\u7684\u8eab\u4efd\u201d\uff0c\u800c\u975e\u666e\u901a\u7684\u6267\u884c\u8005\u8eab\u4efd\uff1b<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>To gain access to the next level, you should use the setuid binary in the homedirectory. Execute it without arguments to find out how to use it. The password for this level can be found in the usual place (\/etc\/bandit_pass), after you have used the setuid binary. \u89e3\u5bc6 bandit19@bandit:~$ ls -l total 8 -rwsr-x&#8212; 1 &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/huzi-baozi.com\/?p=1237\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Bandit Level 19 \u2192 Level 20&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-1237","post","type-post","status-publish","format-standard","hentry","category-bandit"],"_links":{"self":[{"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=\/wp\/v2\/posts\/1237","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1237"}],"version-history":[{"count":1,"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=\/wp\/v2\/posts\/1237\/revisions"}],"predecessor-version":[{"id":1238,"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=\/wp\/v2\/posts\/1237\/revisions\/1238"}],"wp:attachment":[{"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1237"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1237"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/huzi-baozi.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1237"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}