{"id":771,"date":"2015-02-22T19:33:13","date_gmt":"2015-02-22T19:33:13","guid":{"rendered":"https:\/\/www.hackmethod.com\/?p=771"},"modified":"2022-06-03T05:39:11","modified_gmt":"2022-06-03T05:39:11","slug":"overthewire-bandit-20","status":"publish","type":"post","link":"https:\/\/hackmethod.com\/overthewire-bandit-20\/","title":{"rendered":"OvertheWire &#8211; Bandit 20"},"content":{"rendered":"<p>[et_pb_section fb_built=&#8221;1&#8243; admin_label=&#8221;section&#8221; _builder_version=&#8221;3.22&#8243;][et_pb_row admin_label=&#8221;row&#8221; _builder_version=&#8221;3.25&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.25&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_text admin_label=&#8221;Text&#8221; _builder_version=&#8221;4.7.5&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;]<strong>Recap of Level 20<\/strong>:\u00a0 Learn about environmental variables and .bashrc<\/p>\n<p>&nbsp;<\/p>\n<p><strong><a href=\"http:\/\/overthewire.org\/wargames\/bandit\/bandit20.html\" target=\"_blank\" rel=\"noopener\">Bandit Level 20<\/a><\/strong><\/p>\n<h4><strong>Objective:<\/strong><\/h4>\n<p>Find the password<\/p>\n<h4><strong>Intel Given:<\/strong><\/h4>\n<ul>\n<li>To gain access to the next level, you should use the setuid binary in the home directory. Execute it without arguments to find out how to use it.<\/li>\n<li>The password for this level can be found in the usual place (\/etc\/bandit_pass), after you have used to setuid binary.<\/li>\n<\/ul>\n<p><!--more--><\/p>\n<h4><strong>How to:<\/strong><\/h4>\n<p>For once the it looks like I have nothing to preach about before checking out the file that&#8217;s in our home directory, so let&#8217;s check it out!<\/p>\n<p><a href=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen1.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"772\" data-permalink=\"https:\/\/hackmethod.com\/overthewire-bandit-20\/screen1\/\" data-orig-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen1.png?fit=213%2C49&amp;ssl=1\" data-orig-size=\"213,49\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"badnit20screen1\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen1.png?fit=213%2C49&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen1.png?fit=213%2C49&amp;ssl=1\" class=\"aligncenter wp-image-772 size-full\" src=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen1.png?resize=213%2C49&#038;ssl=1\" alt=\"bandit level 20\" width=\"213\" height=\"49\" \/><\/a><\/p>\n<p>Like the intel suggested there\u2019s a file in our home directory, the next suggestion is to execute without arguments so let\u2019s do that. Executing files on Unix systems is accomplished very simply by giving the path to the file. If you are in the current directory as the file this is simply used as typing .\/, which you may remember invokes the path name up to the current directory. Which currently is \/home\/bandit19\/.<\/p>\n<p><a href=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen2.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"773\" data-permalink=\"https:\/\/hackmethod.com\/overthewire-bandit-20\/screen2\/\" data-orig-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen2.png?fit=273%2C49&amp;ssl=1\" data-orig-size=\"273,49\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"badnit20screen2\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen2.png?fit=273%2C49&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen2.png?fit=273%2C49&amp;ssl=1\" class=\"aligncenter wp-image-773 size-full\" src=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen2.png?resize=273%2C49&#038;ssl=1\" alt=\"bandit level 20\" width=\"273\" height=\"49\" srcset=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen2.png?w=273&amp;ssl=1 273w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen2.png?resize=267%2C49&amp;ssl=1 267w\" sizes=\"(max-width: 273px) 100vw, 273px\" \/><\/a><\/p>\n<p>If we wanted to execute the file while we were in another directory, for example the home directory, we would just give the path to the file, like so.<\/p>\n<p><a href=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen3.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"774\" data-permalink=\"https:\/\/hackmethod.com\/overthewire-bandit-20\/screen3\/\" data-orig-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen3.png?fit=378%2C49&amp;ssl=1\" data-orig-size=\"378,49\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"badnit20screen3\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen3.png?fit=300%2C39&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen3.png?fit=378%2C49&amp;ssl=1\" class=\" wp-image-774 size-full aligncenter\" src=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen3.png?resize=378%2C49&#038;ssl=1\" alt=\"badnit20screen3\" width=\"378\" height=\"49\" srcset=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen3.png?w=378&amp;ssl=1 378w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen3.png?resize=300%2C39&amp;ssl=1 300w\" sizes=\"(max-width: 378px) 100vw, 378px\" \/><\/a><\/p>\n<p>The file gives us an example to try running an argument so let&#8217;s try it.<\/p>\n<p><a href=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/ban20screen4.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"783\" data-permalink=\"https:\/\/hackmethod.com\/overthewire-bandit-20\/ban20screen4\/\" data-orig-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/ban20screen4.png?fit=404%2C50&amp;ssl=1\" data-orig-size=\"404,50\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"ban20screen4\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/ban20screen4.png?fit=300%2C37&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/ban20screen4.png?fit=404%2C50&amp;ssl=1\" class=\"aligncenter wp-image-783 size-full\" src=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/ban20screen4.png?resize=404%2C50&#038;ssl=1\" alt=\"bandit level 20\" width=\"404\" height=\"50\" srcset=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/ban20screen4.png?w=404&amp;ssl=1 404w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/ban20screen4.png?resize=300%2C37&amp;ssl=1 300w\" sizes=\"(max-width: 404px) 100vw, 404px\" \/><\/a><\/p>\n<p>Looks like we have a bunch of identifications numbers here. They are separated into a few different categories, let\u2019s go over a few. \u00a0Uid\u2019s are user identification numbers and are unique to each users. Uids of normal users start at 1000 and are theoretically unlimited, user number 0 is root, 1-99 are reserved for other predefined accounts, and 100-999 are reserved for other system account and groups. gid is a group id, remember a few lessons ago when we had to change our ssh -key file permission to only us to be able to log on. We had to change them because we allowed people in our group access to our ssh-key file. If our group members have read permission it they could copy it, making it a not so private key. If they have write permission they could change something in our key file, rendering us unable to logon, and possibly causing us to never logon again.<\/p>\n<p>An euid is also known as an effective user id. This is the one that is used when the system checks whether the user in question has sufficient permissions.<\/p>\n<p>I have a feeling that the file that has the next password will only have read permission for bandit20 user, but let\u2019s see.<\/p>\n<p><a href=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen5.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"776\" data-permalink=\"https:\/\/hackmethod.com\/overthewire-bandit-20\/screen5\/\" data-orig-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen5.png?fit=401%2C34&amp;ssl=1\" data-orig-size=\"401,34\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"badnit20screen5\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen5.png?fit=300%2C25&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen5.png?fit=401%2C34&amp;ssl=1\" class=\"aligncenter wp-image-776 size-full\" src=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen5.png?resize=401%2C34&#038;ssl=1\" alt=\"bandit level 20\" width=\"401\" height=\"34\" srcset=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen5.png?w=401&amp;ssl=1 401w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen5.png?resize=300%2C25&amp;ssl=1 300w\" sizes=\"(max-width: 401px) 100vw, 401px\" \/><\/a><\/p>\n<p>Hmm permission denied, let\u2019s see if we run our binary file what will happen<\/p>\n<p><a href=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen6.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"777\" data-permalink=\"https:\/\/hackmethod.com\/overthewire-bandit-20\/screen6\/\" data-orig-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen6.png?fit=517%2C38&amp;ssl=1\" data-orig-size=\"517,38\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"bandit20screen6\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen6.png?fit=300%2C22&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen6.png?fit=517%2C38&amp;ssl=1\" class=\"  aligncenter wp-image-777 size-full\" src=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen6.png?resize=517%2C38&#038;ssl=1\" alt=\"bandit level 20\" width=\"517\" height=\"38\" srcset=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen6.png?w=517&amp;ssl=1 517w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen6.png?resize=300%2C22&amp;ssl=1 300w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen6.png?resize=514%2C38&amp;ssl=1 514w\" sizes=\"(max-width: 517px) 100vw, 517px\" \/><\/a><\/p>\n<p>Looks like a password to the next level to me!<\/p>\n<h4><strong>Conclusion:<\/strong><\/h4>\n<p>Learned about user ids and effective user ids, file permissions, and how to run executables.<br \/>\n[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=&#8221;1_2,1_2&#8243; _builder_version=&#8221;4.7.5&#8243; _module_preset=&#8221;default&#8221;][et_pb_column type=&#8221;1_2&#8243; _builder_version=&#8221;4.7.5&#8243; _module_preset=&#8221;default&#8221;][et_pb_image src=&#8221;https:\/\/hackmethod.com\/wp-content\/uploads\/2020\/12\/Previous.png&#8221; alt=&#8221;Previous Level&#8221; title_text=&#8221;Previous&#8221; url=&#8221;https:\/\/hackmethod.com\/overthewire-bandit-19&#8243; _builder_version=&#8221;4.7.5&#8243; _module_preset=&#8221;default&#8221;][\/et_pb_image][\/et_pb_column][et_pb_column type=&#8221;1_2&#8243; _builder_version=&#8221;4.7.5&#8243; _module_preset=&#8221;default&#8221;][et_pb_image src=&#8221;https:\/\/hackmethod.com\/wp-content\/uploads\/2020\/12\/Next.png&#8221; alt=&#8221;Next Level&#8221; title_text=&#8221;Next&#8221; url=&#8221;https:\/\/hackmethod.com\/overthewire-bandit-21&#8243; align=&#8221;right&#8221; _builder_version=&#8221;4.7.5&#8243; _module_preset=&#8221;default&#8221;][\/et_pb_image][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Recap of Level 20:\u00a0 Learn about environmental variables and .bashrc &nbsp; Bandit Level 20 Objective: Find the password Intel Given: To gain access to the next level, you should use the setuid binary in the home directory. Execute it without arguments to find out how to use it. The password for this level can be [&hellip;]<\/p>\n","protected":false},"author":8,"featured_media":772,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"<strong><a href=\"https:\/\/www.hackmethod.com\/overthewire-bandit-19\/\" target=\"_blank\">Recap of Last Lesson<\/a><\/strong>: Learn about environmental variables and .bashrc\r\n\r\n<strong><a href=\"http:\/\/overthewire.org\/wargames\/bandit\/bandit20.html\" target=\"_blank\">Bandit Level 20<\/a><\/strong>\r\n\r\n<strong>Objective<\/strong>\r\n\r\nFind the password\r\n\r\n<strong>Intel Given<\/strong>\r\n<ul>\r\n\t<li>To gain access to the next level, you should use the setuid binary in the home directory. Execute it without arguments to find out how to use it.<\/li>\r\n\t<li>The password for this level can be found in the usual place (\/etc\/bandit_pass), after you have used to setuid binary.<\/li>\r\n<\/ul>\r\n<!--more-->\r\n\r\n<strong>How to<\/strong>\r\n\r\nFor once the it looks like I have nothing to preach about before checking out the file that's in our home directory, so let's check it out!\r\n\r\n<a href=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen1.png\"><img class=\"aligncenter wp-image-772 size-full\" src=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen1.png\" alt=\"bandit level 20\" width=\"213\" height=\"49\" \/><\/a>\r\n\r\nLike the intel suggested there\u2019s a file in our home directory, the next suggestion is to execute without arguments so let\u2019s do that. Executing files on Unix systems is accomplished very simply by giving the path to the file. If you are in the current directory as the file this is simply used as typing .\/, which you may remember invokes the path name up to the current directory. Which currently is \/home\/bandit19\/.\r\n\r\n<a href=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen2.png\"><img class=\"aligncenter wp-image-773 size-full\" src=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen2.png\" alt=\"bandit level 20\" width=\"273\" height=\"49\" \/><\/a>\r\n\r\nIf we wanted to execute the file while we were in another directory, for example the home directory, we would just give the path to the file, like so.\r\n\r\n<a href=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen3.png\"><img class=\" wp-image-774 size-full aligncenter\" src=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen3.png\" alt=\"badnit20screen3\" width=\"378\" height=\"49\" \/><\/a>\r\n\r\nThe file gives us an example to try running an argument so let's try it.\r\n\r\n<a href=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/ban20screen4.png\"><img class=\"aligncenter wp-image-783 size-full\" src=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/ban20screen4.png\" alt=\"bandit level 20\" width=\"404\" height=\"50\" \/><\/a>\r\n\r\nLooks like we have a bunch of identifications numbers here. They are separated into a few different categories, let\u2019s go over a few. \u00a0Uid\u2019s are user identification numbers and are unique to each users. Uids of normal users start at 1000 and are theoretically unlimited, user number 0 is root, 1-99 are reserved for other predefined accounts, and 100-999 are reserved for other system account and groups. gid is a group id, remember a few lessons ago when we had to change our ssh -key file permission to only us to be able to log on. We had to change them because we allowed people in our group access to our ssh-key file. If our group members have read permission it they could copy it, making it a not so private key. If they have write permission they could change something in our key file, rendering us unable to logon, and possibly causing us to never logon again.\r\n\r\nAn euid is also known as an effective user id. This is the one that is used when the system checks whether the user in question has sufficient permissions.\r\n\r\nI have a feeling that the file that has the next password will only have read permission for bandit20 user, but let\u2019s see.\r\n\r\n<a href=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen5.png\"><img class=\"aligncenter wp-image-776 size-full\" src=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen5.png\" alt=\"bandit level 20\" width=\"401\" height=\"34\" \/><\/a>\r\n\r\nHmm permission denied, let\u2019s see if we run our binary file what will happen\r\n\r\n<a href=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen6.png\"><img class=\"  aligncenter wp-image-777 size-full\" src=\"https:\/\/www.hackmethod.com\/wp-content\/uploads\/2015\/02\/screen6.png\" alt=\"bandit level 20\" width=\"517\" height=\"38\" \/><\/a>\r\n\r\nLooks like a password to the next level to me!\r\n\r\n<strong>Conclusion<\/strong>\r\n\r\nLearned about user ids and effective user ids, file permissions, and how to run executables.","_et_gb_content_width":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[52,44,49],"tags":[43,45,46],"class_list":["post-771","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hacking","category-overthewire","category-tutorials","tag-bandit","tag-overthewire","tag-tutorials"],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/02\/screen1.png?fit=213%2C49&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p5zY4D-cr","_links":{"self":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/771","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/comments?post=771"}],"version-history":[{"count":7,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/771\/revisions"}],"predecessor-version":[{"id":27562,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/771\/revisions\/27562"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/media\/772"}],"wp:attachment":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/media?parent=771"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/categories?post=771"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/tags?post=771"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}