In bandit level 22 you have to look in /etc/cron.d/ for the configuration and see what command is being executed(I found that it is this /usr/bin/cronjob_bandit23.sh).

------------------------------------------------------------ this is the script

#!/bin/bash

myname=$(whoami)

mytarget=$(echo I am user $myname | md5sum | cut -d ' ' -f 1)

echo "Copying passwordfile /etc/bandit_pass/$myname to /tmp/$mytarget"

cat /etc/bandit_pass/$myname > /tmp/$mytarget

---------------------------------------------------------------------------

so i ran echo I am user bandit23 | md5sum | cut -d ' ' -f 1

and got 8ca319486bfbbc3663ea0fbe81326349 , but there is a problem with this level, as the file created by the script is only readable by bandit23.

-r-------- 1 bandit23 bandit23 0 Jan 3 04:42 /tmp/8ca319486bfbbc3663ea0fbe81326349

any idea how to solve this

edit: OTW :( it is a typing mistake.