Level Goal

To gain access to the next level, you should use the setuid binary in the homedirectory. Execute it without arguments to find out how to use it. The password for this level can be found in the usual place (/etc/bandit_pass), after you have used the setuid binary.

My Answer (Step by step)

  1. 連線到伺服器並登入
ssh bandit19@bandit.labs.overthewire.org -p 2220
  1. 透過 ls 指令可以發現目錄中有一個檔案 bandit20-do,可以直接使用該檔案查看如何使用它
ls
./bandit20-do
# Run a command as another user.
#   Example: ./bandit20-do id

根據程式結果說明,我們可以透過該檔案以使用者 bandit20 來執行指令

  1. 透過 bandit20-do 檔案使用 cat 指令來呈現 Level 20 密碼!
./bandit20-do cat /etc/bandit_pass/bandit20