{"id":836,"date":"2015-03-08T19:00:02","date_gmt":"2015-03-08T19:00:02","guid":{"rendered":"https:\/\/www.hackmethod.com\/?p=836"},"modified":"2022-06-03T05:39:11","modified_gmt":"2022-06-03T05:39:11","slug":"overthewire-bandit-23","status":"publish","type":"post","link":"https:\/\/hackmethod.com\/overthewire-bandit-23\/","title":{"rendered":"OvertheWire &#8211; Bandit 23"},"content":{"rendered":"<p><strong>Recap of Level 22:\u00a0<\/strong>Learned about cron and reading scripts.<\/p>\n<p><a href=\"http:\/\/overthewire.org\/wargames\/bandit\/bandit23.html\" target=\"_blank\" rel=\"noopener\"><strong>Bandit Level 23<\/strong><\/a><\/p>\n<h4><strong>Objective:<\/strong><\/h4>\n<p>Find the password to the next level<\/p>\n<h4><strong>Intel Given:<\/strong><\/h4>\n<ul>\n<li>A program is running automatically at regular intervals from <b>cron<\/b>, the time-based job scheduler. Look in <b>\/etc\/cron.d\/<\/b> for the configuration and see what command is being executed.<\/li>\n<\/ul>\n<p><b>NOTE:<\/b> Looking at shell scripts written by other people is a very useful skill. The script for this level is intentionally made easy to read. 
If you are having problems understanding what it does, try executing it to see the debug information it prints.<\/p>\n<p><!--more--><\/p>\n<h4><strong>How to:<\/strong><\/h4>\n<p>I\u2019m going to warn you now, this is the first level that will require some real outside-the-box thinking that is part of what makes hackers so good at what they do. Don\u2019t feel bad if this level isn\u2019t clear to you at first, or even if it\u2019s still not clear after reading this walkthrough. A lot of these topics are going to be hard to explain in the small space we have, so if things are unclear check the suggested readings sections for further instruction on things we talk about.<\/p>\n<p>We have another script running in cron that we have to decipher. Sounds easy enough, I think I saw it last time we were in the \/etc\/cron.d directory so let\u2019s go over and check it out.<\/p>\n<p><a href=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-1.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"837\" data-permalink=\"https:\/\/hackmethod.com\/overthewire-bandit-23\/bandit23-1\/\" data-orig-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-1.png?fit=642%2C167&amp;ssl=1\" data-orig-size=\"642,167\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"bandit23-1\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-1.png?fit=300%2C78&amp;ssl=1\" 
data-large-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-1.png?fit=642%2C167&amp;ssl=1\" class=\"alignnone size-full wp-image-837\" src=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-1.png?resize=642%2C167&#038;ssl=1\" alt=\"bandit23-1\" style=\"display: block; margin-left: auto; margin-right: auto;\" width=\"642\" height=\"167\" srcset=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-1.png?w=642&amp;ssl=1 642w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-1.png?resize=600%2C156&amp;ssl=1 600w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-1.png?resize=300%2C78&amp;ssl=1 300w\" sizes=\"(max-width: 642px) 100vw, 642px\" \/><\/a><\/p>\n<p>Well, it looks a little more complicated than the last one, but once we break it down I have a feeling that it\u2019s pretty easy.<\/p>\n<p>Let\u2019s start with the first line. If you have done some programming (or algebra) it may look familiar. When writing scripts you will often need to do the same thing each time while changing what you do it to. For example, say we want to write a script that will square whatever number we pass to it. We need a way to tell the script to take whatever number we put in and multiply it by itself. The way we accomplish this is by creating variables. A variable, like in algebra, is just a stand-in for something else that we will decide later. When writing scripts we denote a variable by naming it whatever we like, usually something descriptive, and then a dollar sign followed by whatever we want the variable to be. 
In our example above, the author of this script has decided that the variable myname is going to be the output of the whoami command, which returns the current user name.<\/p>\n<p>As you can see in the next line, mytarget is a variable for a lot more than just a whoami command. It appears that mytarget holds an md5 hash sum of the text \u201cI am user $myname\u201d. A hash sum is a fixed-length output that is a function of the input, whatever it may be. What that means is that the hash function takes the input (in our example below, the text fox) and outputs a string of text that represents the text fox. The output is unique to fox within the md5 sum function. When we input fix into the md5 function we get a totally different output.<\/p>\n<p><a href=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-2.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"838\" data-permalink=\"https:\/\/hackmethod.com\/overthewire-bandit-23\/bandit23-2\/\" data-orig-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-2.png?fit=445%2C73&amp;ssl=1\" data-orig-size=\"445,73\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"bandit23-2\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-2.png?fit=300%2C49&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-2.png?fit=445%2C73&amp;ssl=1\" 
class=\"alignnone size-full wp-image-838\" src=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-2.png?resize=445%2C73&#038;ssl=1\" alt=\"bandit23-2\" style=\"display: block; margin-left: auto; margin-right: auto;\" width=\"445\" height=\"73\" srcset=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-2.png?w=445&amp;ssl=1 445w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-2.png?resize=300%2C49&amp;ssl=1 300w\" sizes=\"(max-width: 445px) 100vw, 445px\" \/><\/a><\/p>\n<p>You can use hash functions to create hash sums of any file. Hash sums are often used to ensure that the file has not been modified. This is often done for software that is distributed via the internet. If you\u2019re having trouble understanding hashes and how they work, check the suggested readings section for some articles strictly about hashes. Now let\u2019s get back to our script.<\/p>\n<p>After the variable declarations, it looks like we have a few simple lines that print that the script is copying the password for the level to a file in the temp folder. 
It sounds pretty easy to do so let\u2019s run it.<\/p>\n<p><a href=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-3.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"839\" data-permalink=\"https:\/\/hackmethod.com\/overthewire-bandit-23\/bandit23-3\/\" data-orig-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-3.png?fit=728%2C59&amp;ssl=1\" data-orig-size=\"728,59\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"bandit23-3\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-3.png?fit=300%2C24&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-3.png?fit=728%2C59&amp;ssl=1\" class=\"alignnone size-full wp-image-839\" src=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-3.png?resize=728%2C59&#038;ssl=1\" alt=\"bandit23-3\" style=\"display: block; margin-left: auto; margin-right: auto;\" width=\"728\" height=\"59\" srcset=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-3.png?w=728&amp;ssl=1 728w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-3.png?resize=600%2C49&amp;ssl=1 600w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-3.png?resize=300%2C24&amp;ssl=1 300w\" sizes=\"(max-width: 728px) 100vw, 728px\" \/><\/a><\/p>\n<p>Alright so there\u2019s a file in tmp with the password 
for bandit22. The problem is we already have the password for bandit22, since that\u2019s our current level. It seems we\u2019re stuck, but let\u2019s think a little bit about what\u2019s happening in our script. The script is taking our username (using the whoami command) and putting it into a string which is being hashed. The hash of the string is being used as a filename in \/tmp\/ where the password is. If we want the password for bandit23, let\u2019s see what\u2019s in the file that\u2019s named the hash of the string \u201cI am user bandit23\u201d.<\/p>\n<p><a href=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-4.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"840\" data-permalink=\"https:\/\/hackmethod.com\/overthewire-bandit-23\/bandit23-4\/\" data-orig-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-4.png?fit=637%2C38&amp;ssl=1\" data-orig-size=\"637,38\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"bandit23-4\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-4.png?fit=300%2C18&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-4.png?fit=637%2C38&amp;ssl=1\" class=\"alignnone size-full wp-image-840\" src=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-4.png?resize=637%2C38&#038;ssl=1\" alt=\"bandit23-4\" style=\"display: block; margin-left: 
auto; margin-right: auto;\" width=\"637\" height=\"38\" srcset=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-4.png?w=637&amp;ssl=1 637w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-4.png?resize=600%2C36&amp;ssl=1 600w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-4.png?resize=300%2C18&amp;ssl=1 300w\" sizes=\"(max-width: 637px) 100vw, 637px\" \/><\/a><\/p>\n<p>Okay let\u2019s see what the file has in \/tmp.<\/p>\n<p><a href=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-5.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"841\" data-permalink=\"https:\/\/hackmethod.com\/overthewire-bandit-23\/bandit23-5\/\" data-orig-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-5.png?fit=554%2C42&amp;ssl=1\" data-orig-size=\"554,42\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"bandit23-5\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-5.png?fit=300%2C23&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-5.png?fit=554%2C42&amp;ssl=1\" class=\"alignnone size-full wp-image-841\" src=\"https:\/\/i0.wp.com\/www.hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-5.png?resize=554%2C42&#038;ssl=1\" alt=\"bandit23-5\" style=\"display: block; margin-left: auto; margin-right: auto;\" width=\"554\" height=\"42\" 
srcset=\"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-5.png?w=554&amp;ssl=1 554w, https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-5.png?resize=300%2C23&amp;ssl=1 300w\" sizes=\"(max-width: 554px) 100vw, 554px\" \/><\/a><\/p>\n<p>Looks like the password to bandit23!<\/p>\n<h4><strong>Conclusion:<\/strong><\/h4>\n<p>We learned a lot in this lesson, including setting variables in shell scripts, hash functions, and thinking outside of the box. Don\u2019t feel intimidated if you didn\u2019t quite get what\u2019s happening in this level, read the suggested readings and it will become clearer.<\/p>\n<p>Suggested Readings:<\/p>\n<p><a href=\"http:\/\/pcsupport.about.com\/od\/termsc\/g\/checksum.htm\" target=\"_blank\" rel=\"noopener\">http:\/\/pcsupport.about.com\/od\/termsc\/g\/checksum.htm<\/a><\/p>\n<p><a href=\"https:\/\/en.wikipedia.org\/wiki\/Hash_function\" target=\"_blank\" rel=\"noopener\">https:\/\/en.wikipedia.org\/wiki\/Hash_function<\/a><\/p>\n<p><a href=\"http:\/\/unixgeeks.org\/security\/newbie\/unix\/cron-1.html\" target=\"_blank\" rel=\"noopener\">http:\/\/unixgeeks.org\/security\/newbie\/unix\/cron-1.html<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Recap of Level 22:\u00a0Learned about cron and reading scripts. &nbsp; Bandit Level 23 Objective: Find the password to the next level Intel Given: A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in \/etc\/cron.d\/ for the configuration and see what command is being executed. NOTE:Looking at shell scripts written [&hellip;]<\/p>\n","protected":false},"author":8,"featured_media":837,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_gb_content_width":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[52,44,49],"tags":[43,45,46],"class_list":["post-836","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hacking","category-overthewire","category-tutorials","tag-bandit","tag-overthewire","tag-tutorials"],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/hackmethod.com\/wp-content\/uploads\/2015\/03\/bandit23-1.png?fit=642%2C167&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p5zY4D-du","_links":{"self":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/836","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/comments?post=836"}],"version-history":[{"count":10,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/836\/revisions"}],"predecessor-version":[{"id":27575,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/836\/revisions\/27575"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/media\/837"}],"wp:attachment":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/media?parent=836"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/categories?post=836"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/tags?post=836"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}