Login as bandit25 with the password we obtained in the http://www.anonhack.in/?p=1347
The hint for this level says:
Logging in to bandit26 from bandit25 should be fairly easy… The shell for user bandit26 is not /bin/bash, but something else. Find out what it is, how it works and how to break out of it.
This is a tricky level. Got me confused for a bit, but eventually I found a solution to it.
The hint is asking us to find out the shell that this level uses.
So I used this command to check the bandit26 shell which is /usr/bin/showtext
The hint asked us to check what the shell does. So here it is. It reads a file named text.txt using more!
I tried to make connection via the sshkey which is given to us, you can find it in bandit25 homedirectory.
So I used this command to make connection to bandit26 from bandit25.
The Connection gets closed everytime you visit it. So I have tried to kick in /bin/bash via ssh connection but it doesnt give us anything.
Let’s take a look again at More command. More is like cat, it shows us the document. but More shows a single page at a time so we can pause it. Now here the connection is closed without showing us the pause. So the trick here is to make the terminal smaller so it cannot show us the entire bandit26 banner. This way we have read more pause here in the terminal. Now all you have to do is use MORE flags we get what you want.
Press v , it will help edit this file
:e cat /etc/bandit_pass/bandit26 will execute the cat command to show us what is the password.
There you go!