Meeting Notes: Oct 12, 2021 -- Bandit Wargame

[William Bean]

6:32pm @Icons Rock Island, Chris Cooper kicks off the meeting

The team embarks on an adventure to complete the Bandit wargame: https://overthewire.org/wargames/bandit/ 

https://overthewire.org/wargames/bandit/bandit2.html - a discussion of escaping the stdin char '-', vs alex's inode trickery

https://overthewire.org/wargames/bandit/bandit12.html - Chris Cooper wins the first meeting stumper with his use of tr to rotate a string by 13 char positions:
`cat data.txt | tr 'A-Za-z' 'N-ZA-Mn-za-m'`. Much wow!

https://overthewire.org/wargames/bandit/bandit18.html - Chris Cooper introduces us to `diff -Naur` for patch-format diffing

https://overthewire.org/wargames/bandit/bandit20.html - Bill has flashbacks to horrible horrible sins committed with setuid binaries

https://overthewire.org/wargames/bandit/bandit24.html - we learn about the linux `timeout` command, with `timeout -s 9 60 $command`

https://overthewire.org/wargames/bandit/bandit26.html - Chris Cooper amazes the crowd by reducing his terminal size so he can interrupt a devious default shell running `more`, then entering vi mode to set a shell of his choosing.

https://overthewire.org/wargames/bandit/bandit31.html - team was a little derailed by a git tag ref that had no tree.  Chris saved the day with `git show <tag>` as the password was in the tag metadata... groans abounded.

https://overthewire.org/wargames/bandit/bandit33.html - the team completed the final shell escape with the use of `$0`.

@8:22pm, the meeting devolves into standard linux/hardware banter, thus concluding another successful QCLUG meeting.

Thanks Chris Cooper for running through the wargame, and thanks to those in attendance!

-- Bill Bean