OverTheWire Bandit Write Up – Level 19

The last level wasn’t too difficult, however, it did get me looking at the levels differently. Hopefully the bandit level 19 will continue to open my eyes to new techniques. If you haven’t had a chance to read my OverTheWire Bandit Write Up – Level 18 write up, give it a quick read then head back over here.

Level 19

To gain the password for the next level I need to read the password in the `/etc/bandit_pass` directory. However, the files in that directory only allow the level user to view their own password. To be able to view the password for a different level I will need to use the setuid binary provided.

Let’s Start Hacking Then

As normal the first thing that I need to do is to Initiate a SSH connection to the bandit level 19 system. I do this with the following command;

ssh bandit19@bandit.labs.overthewire.org -p 2220

Once I got return I am asked for a password. I enter the one I got from the last level and I am in. Now I just need to try out this setuid binary.

Before I can do anything I need to check the file location, I run the ls command and see a bandit20-do binary in the current directory. Now I just need to test the binary, I do that with the following command;


After the command runs I am presented with a message that I can use the binary to execute anything as a different user. Knowing this I decided to run the following command to see if I can get the next password

./bandit20-do cat /etc/bandit_pass/bandit20

…and Wham! Bam! Thank you ma’am! I have the password now for level 20.

Level 19 Complete

I have hidden the password here, if you are playing along don’t peek! Please! It’s more fun getting it yourself.

Leave a Reply