[ Docker ] Building the Bandit Wargame - Level 21 ( 22 / 33 )

1. Bandit21 Goal

A program is running automatically at regular intervals from cron, the time-based job scheduler.
Look in /etc/cron.d/ for the configuration and see what command is being executed.

Commands you may need to solve this level
cron, crontab, crontab(5) (use “man 5 crontab” to access this)

 

2. Bandit21 Implementation

# Connect as root (enter the password "root")
ssh -oStrictHostKeyChecking=no root@localhost -p 2220

chown -R root:root /home/bandit21/.[!.]*

echo gE269g2h3mw3pwgrj0Ha9Uoqen1c9DGr > /home/bandit21/.prevpass

chmod 400 /home/bandit21/.prevpass

chown bandit21:bandit21 /home/bandit21/.prevpass

ls -la /etc/cron.d

echo "@reboot bandit22 /usr/bin/cronjob_bandit22.sh &> /dev/null" > /etc/cron.d/cronjob_bandit22
echo "* * * * * bandit22 /usr/bin/cronjob_bandit22.sh &> /dev/null" >> /etc/cron.d/cronjob_bandit22

# Single quotes stop an interactive bash session from history-expanding "!".
echo '#!/bin/bash' > /usr/bin/cronjob_bandit22.sh
echo "chmod 644 /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv" >> /usr/bin/cronjob_bandit22.sh
echo "cat /etc/bandit_pass/bandit22 > /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv" >> /usr/bin/cronjob_bandit22.sh

echo Yk7owGAcWjwMVRwrTesJEwB7WVOiILLI > /etc/bandit_pass/bandit22

useradd bandit22 && echo -e "Yk7owGAcWjwMVRwrTesJEwB7WVOiILLI\nYk7owGAcWjwMVRwrTesJEwB7WVOiILLI" | passwd bandit22

chmod 400 /etc/bandit_pass/bandit22

chown bandit22:bandit22 /etc/bandit_pass/bandit22

chmod 750 /usr/bin/cronjob_bandit22.sh

chown bandit22:bandit21 /usr/bin/cronjob_bandit22.sh

chmod 755 /home/bandit22

chown root:root /home/bandit22

 

3. Bandit21 Solution

# Connect as bandit21 using the password that was set for it.
# gE269g2h3mw3pwgrj0Ha9Uoqen1c9DGr
ssh -oStrictHostKeyChecking=no bandit21@localhost -p 2220

# List the scheduled jobs
ls -la /etc/cron.d

# Check the contents of the bandit22 cron entry
cat /etc/cron.d/cronjob_bandit22

# Check the bandit22 shell script
cat /usr/bin/cronjob_bandit22.sh

# Check the password
cat /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv
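
The solution above walks from the cron.d entry to the script to the file it writes; the same walk can be run as an audit that reports every cron.d job whose script redirects output under /tmp. This is an added example, not part of the original post: the function names, the optional ROOT prefix argument and the sample tree built in demo are assumptions constructed for illustration.

```shell
# Added example, not from the original post: audit cron.d jobs that write to /tmp.
TAB=$(printf '\t')
# parse_cron_d: system-crontab lines on stdin -> "user<TAB>command" on stdout.
parse_cron_d() {
    while read -r line; do
        case "$line" in ''|'#'*|[A-Za-z_]*) continue ;; esac  # blank, comment, VAR=value
        set -f; set -- $line; set +f            # split fields, no globbing
        case "$1" in @*) n=1 ;; *) n=5 ;; esac  # "@reboot" vs five time fields
        [ $# -ge $((n + 2)) ] || continue       # malformed: no user/command
        shift "$n"; user=$1; shift
        printf '%s\t%s\n' "$user" "$*"
    done
}

# tmp_writes FILE: redirect targets under /tmp or /var/tmp found in FILE.
tmp_writes() {
    grep -oE '>>?[[:space:]]*/(var/)?tmp/[^[:space:];|&]+' "$1" |
        sed -E 's/^>+[[:space:]]*//'
}

# audit_cron_dir DIR [ROOT]: "user<TAB>script<TAB>target" per finding.
# ROOT is a hypothetical prefix so a constructed tree can be audited.
audit_cron_dir() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        parse_cron_d < "$f" | while IFS="$TAB" read -r user cmd; do
            script=${cmd%% *}                   # first word = program path
            [ -r "${2:-}$script" ] || continue
            tmp_writes "${2:-}$script" | while read -r target; do
                printf '%s\t%s\t%s\n' "$user" "$script" "$target"
            done
        done
    done | sort -u
}

# demo: constructed tree modelled on the two files this post creates.
demo() {
    root=$(mktemp -d)
    mkdir -p "$root/etc/cron.d" "$root/usr/bin"
    printf '%s\n' '@reboot bandit22 /usr/bin/cronjob_bandit22.sh &> /dev/null' \
        '* * * * * bandit22 /usr/bin/cronjob_bandit22.sh &> /dev/null' \
        > "$root/etc/cron.d/cronjob_bandit22"
    printf '%s\n' '#!/bin/bash' \
        'cat /etc/bandit_pass/bandit22 > /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv' \
        > "$root/usr/bin/cronjob_bandit22.sh"
    audit_cron_dir "$root/etc/cron.d" "$root"
    rm -rf "$root"
}
demo
```

On a real host, call audit_cron_dir /etc/cron.d with no second argument; the @reboot and per-minute entries point at the same script, so the finding is reported once.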