OverTheWire Leviathan Guide

Here's how to solve Leviathan Level 1 → 2.


Access

SSH: ssh leviathan1@leviathan.labs.overthewire.org -p 2223

Password: Lxlf0bLYP8

Info

Description: There is no information for this level, intentionally.

Theory

The task gives no details to work from, so we skip straight to solving it.

Solution

Because the task doesn't tell us anything about the level, we first use ls -la to list all files, including hidden ones, along with some details of the files and folders:

~$ ls -la
total 36
drwxr-xr-x  2 root       root        4096 Sep 19 07:07 .
drwxr-xr-x 83 root       root        4096 Sep 19 07:09 ..
-rw-r--r--  1 root       root         220 Mar 31  2024 .bash_logout
-rw-r--r--  1 root       root        3771 Mar 31  2024 .bashrc
-r-sr-x---  1 leviathan2 leviathan1 15080 Sep 19 07:07 check
-rw-r--r--  1 root       root         807 Mar 31  2024 .profile

So there's an executable file called check that checks for a password. If we try to input a random password that is probably not correct, we get an error message. And you can't enter nothing as the password; it bugs out, trust me, I tried. Here:

~$ ./check
password: 1234
Wrong password, Good Bye ...

For this one we will use a new command, ltrace. It traces the library calls an executable makes, such as those of our check file, and that way shows us what our input is being compared to, so we can learn the correct password. Just make sure to press Enter about three times: while being traced, the program still asks for the password, and because we don't have it yet we just submit blank fields:

~$ ltrace ./check
__libc_start_main(0x80490ed, 1, 0xffffd494, 0 <unfinished ...>
printf("password: ")                                                      = 10
getchar(0, 0, 0x786573, 0x646f67password:
)                                         = 10
getchar(0, 10, 0x786573, 0x646f67
)                                        = 10
getchar(0, 2570, 0x786573, 0x646f67
)                                      = 10
strcmp("\n\n\n", "sex")                                                   = -1
puts("Wrong password, Good Bye ..."Wrong password, Good Bye ...
)                                      = 29
+++ exited (status 0) +++

The first line with the libc stuff appears in ltrace output for any program, so just ignore it. What we care about is the strcmp call, which takes what we entered (our three presses of Enter, shown as "\n\n\n") and compares it to the word beside it, aka "sex". I feel like that's a joke I don't understand, but it seems that's the correct password for the check, so let's just input that into the check program:

~$ ./check
password: sex

$ whoami
leviathan2

And it seems like we are in a sort of small shell running as the next level's user, so I guess we can grab the next password from here:

$ cat /etc/leviathan_pass/leviathan2
9QdXFgQMMo

And that's our password! Now you can exit twice, because you are inside the small next-level shell, and then go to the next level.
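The trace above shows why a secret compared with strcmp inside a binary is not a secret: both operands end up in the ltrace log. As an added example (not part of the original guide or of OverTheWire), this Python script parses an ltrace transcript and lists the strings a program compares input against, which is a quick way to audit your own binaries for embedded credentials. It goes beyond the single strcmp seen here by also covering strncmp and the case-insensitive variants; the function names are this example's own.

```python
import re

# Constructed sample: the ltrace transcript shown in this guide, including the
# program's own output interleaved into the trace lines.
SAMPLE_TRACE = r'''__libc_start_main(0x80490ed, 1, 0xffffd494, 0 <unfinished ...>
printf("password: ")                                    = 10
getchar(0, 0, 0x786573, 0x646f67password:
)                                         = 10
getchar(0, 10, 0x786573, 0x646f67
)                                        = 10
getchar(0, 2570, 0x786573, 0x646f67
)                                      = 10
strcmp("\n\n\n", "sex")                                 = -1
puts("Wrong password, Good Bye ..."Wrong password, Good Bye ...
)                                      = 29
+++ exited (status 0) +++
'''

COMPARE_FUNCS = ("strcmp", "strncmp", "strcasecmp", "strncasecmp")
# One C string as ltrace prints it: quoted, backslash escapes inside, and a
# trailing ... when ltrace truncated a long string.
STRING = r'"((?:[^"\\]|\\.)*)"(?:\.\.\.)?'
CALL = re.compile(r'\b(%s)\(%s, %s' % ("|".join(COMPARE_FUNCS), STRING, STRING))

def unescape(s):
    """Decode ltrace's C-style escapes (newline, octal, quotes) into characters."""
    return s.encode("ascii", "backslashreplace").decode("unicode_escape")

def compared_strings(trace):
    """Return (function, arg1, arg2) for every string comparison in the trace."""
    return [(m.group(1), unescape(m.group(2)), unescape(m.group(3)))
            for m in CALL.finditer(trace)]

def leaked_constants(trace, typed):
    """Comparison operands that are not what the user typed: values the binary
    carries itself and reveals to anyone allowed to trace it."""
    found = []
    for _func, a, b in compared_strings(trace):
        for operand in (a, b):
            if operand != typed and operand not in found:
                found.append(operand)
    return found

if __name__ == "__main__":
    print(leaked_constants(SAMPLE_TRACE, "\n\n\n"))
```

Any string this reports for a binary you ship is readable by every user who can run it, so a check like this belongs on the server side or behind a stored hash rather than in a literal.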

https://overthewire.org/wargames/leviathan/leviathan2.html