Recap of Last LessonWent over finding files by their extension types and very briefly went over I/O operators.

Bandit Level 7

Objective

Find the password to the next level

Intel Given

 

  • The password for the next level is stored somewhere on the server
  • Has the following properties: – owned by user bandit7 – owned by group bandit6 – 33 bytes in size

How to

This is exactly like the last lesson and you should be able to easily figure this out by altering the last command with a few new switches from the find man page.

The new concept I’m going to teach you is error redirection.

You may have noticed the problem below when typing our find command from the top most directory.

bandit7.1

Why do we need to find from the top directory? Well check out our intel. Its stored SOMEWHERE on the server, which means not just in our home folder. Because we’re searching outside of the bandit6 home folder and we’re looking into every file on the system we don’t have read permissions for everything. As a result we get a lot of Permission denied errors which is ugly. We could scroll through all of this but as I’ve already told you. I’m lazy. So I introduce to another form of I/O redirection.

bandit7.2

Essentially by typing ‘2>/dev/null’ you are saying send the errors to /dev/null. ‘2>’ is the redirection operator for standard error (stderr for short). For the sake of simplicity think of /dev/null as a shredder, it just deletes what is sent to it. Notice we have a nice clean output with no errors and only the file that meets those parameters. Now we do a quick verification of the parameters to make sure we have the correct file.

bandit7.3

We see the owner is username bandit7, the group its assigned to is bandit6 its and its 33 bytes in size. cat this file to advance to the next level.

Conclusion

We learned a little bit more about I/O redirection. Have you caught on yet that this is powerful and something to look into? We also learned about /dev/null and how we can use it to send errors to it to clean up our search process.

Hackmethod is proud to announce Mal_Wear by HM. Exploit/Vulnerability themed nerdy t-shirts! Get them while they last. Dismiss