Leviathan · OverTheWire

Leviathan Level 6 → Level 7

Level 6

Username : leviathan6
Password : Tith4cokei
SSH leviathan.labs.overthewire.org:2223

Solution

To solve this level, we first ssh into the leviathan6 server using the credentials provided above.

Screenshot from 2017-07-19 15-03-37.png

As we can see, the server contains an executable which requires a 4 digit code and probably compares it with something. If the number matches what the executable expects, we will hopefully be able to access our password file. Let’s run gdb on the executable to learn more about it. The application uses function atoi() and then compares the value returned with our input. If we can learn the number, we can enter the same number and allow the executable to proceed further.

Screenshot from 2017-07-19 14-50-33.png

As we can see, the number is 7123. Let’s see what happens if we use that number in the argument.

Screenshot from 2017-07-19 14-46-36.png

As we can see, the executable logs us in as leviathan7 and now we can access the password file.

Level 7

Username : leviathan7
Password : ahy7MaeBo9
SSH : leviathan.labs.overthewire.org:2223 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s