Previous Level: Introduction
ssh email@example.com -p 2223
A little bit of Theory
Backups are an important part of data security. You create a copy of your important files in case of data loss. However, if not correctly secured, backups might be a way for attackers to do privilege escalation. Privilege escalation is a way for an attacker to get more or different access to your computer. In the case of this wargame, we will get access rights of other users.
After logging into the machine through ssh, we can get an overview of the home directory of the current user:
Looking at the permissions for the different users and groups, we can see that we - as user ’leviathan0’ - have read (and execute) permissions for the
.backup folder. So we can check out its content:
So the folder contains one file called
bookmarks.html. However, we can also see that it is a very large file. So manually looking through the content is not a good idea. Still, let’s first get an idea of the structure of the content:
Based on the file name, it is an Html file that contains bookmarks. Looking at the first few lines of the file seems to confirm that. Now, there are different ways to look through the file, as well as different things to look for. We could search for a password, but since it contains bookmarks, my idea was to search for ’leviathan’ with the
My idea seemed to be correct. We found a bookmark entry that contained a site from the OverTheWire Leviathan URL. In this bookmark, we can also find the password for the next level.
Next Level: Level 2