OverTheWire Leviathan Guide

here's how to solve the leviathan level 3 → 4

Back to the Leviathan Guides

Previous Level Guide: Bandit Level 2 → 3

Access

SSH: ssh leviathan3@leviathan.labs.overthewire.org -p 2223

Password: M4nEAjAXgk

Info

Description: There is no information for this level, intentionally.

Theory

Not much to do with the details from the task, so just skipping to doing it.

Solution

This level is really similar to the one two levels ago, it's the password checker thing, but now you only have one try instead of three, first we will use ls -la to see all files regardless they are hidden and some details of the files/folders:

~$ ls -la
total 40
drwxr-xr-x  2 root       root        4096 Sep 19 07:07 .
drwxr-xr-x 83 root       root        4096 Sep 19 07:09 ..
-rw-r--r--  1 root       root         220 Mar 31  2024 .bash_logout
-rw-r--r--  1 root       root        3771 Mar 31  2024 .bashrc
-r-sr-x---  1 leviathan4 leviathan3 18096 Sep 19 07:07 level3
-rw-r--r--  1 root       root         807 Mar 31  2024 .profile

So just like two levels ago, we are going to use ltrace to see if it's checking for a password inside, and know the password we need for it (just remember to hit enter while in ltrace to continue tracing, because you are inside the program at the same time of ltrace tracing):

~$ ltrace ./level3
__libc_start_main(0x80490ed, 1, 0xffffd494, 0 <unfinished ...>
strcmp("h0no33", "kakaka")                                                = -1
printf("Enter the password> ")                                            = 20
fgets(Enter the password>
"\n", 256, 0xf7fae5c0)                                              = 0xffffd26c
strcmp("\n", "snlprintf\n")                                               = -1
puts("bzzzzzzzzap. WRONG"bzzzzzzzzap. WRONG
)                                                = 19
+++ exited (status 0) +++

Turns out for this one the password is "snlprintf" as we can see from the strcmp, not to be confused with the first strcmp that says kakaka. Now let's try with this password:

./level3
Enter the password> snlprintf
[You've got shell]!
$ whoami
leviathan4

Now we are in the small version of the terminal for the next level, so just like the other level, we'll grab the password from this little thing:

$ cat /etc/leviathan_pass/leviathan4
EU7IX6n7em

And that's our password! Now you can exit twice because you are inside the small next level terminal, and then go to the next level.

https://overthewire.org/wargames/leviathan/leviathan4.html
Next Level Guide: Leviathan Level 4 → Level 5

Explore My Website