Level Goal
A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed.

NOTE: Looking at shell scripts written by other people is a very useful skill. The script for this level is intentionally made easy to read. If you are having problems understanding what it does, try executing it to see the debug information it prints.

Walkthrough
So lets see what script the cronjob is executing
ls /etc/cron.d

It is executing a file /usr/bin.cronjob_bandit23.sh, lets cat this file
cat /usr/bin.cronjob_bandit23.sh

So there are two variables, one is the myname who executes the whoami command and saves it. So this would be the username of the user. The second one is a variable name mytarget wich echoes myname, pipes this to md5sum which makes an md5 hash of the name and then cuts the contents.

Then is copies the passwordfile of the whoami to the mytarget variable, wich is an md5sum of the username.

So lets see what this md5sum does.
echo bandit23 | md5sum

output:
35964510399388ff8cd7da6f7927c82b

So is there a folder in /tmp with this md5 has? No there is not. I checked the script again, it does not just echo the whoami but also some text. So this changed the hash. Lets do those steps over
echo I am user bandit23 | md5sum
cat /tmp/8ca319486bfbbc3663ea0fbe81326349

and there is the password: jc1udXuA1tiHqjIsL8yaapX5XIAI6i0n

Leave a Reply

Your email address will not be published. Required fields are marked *