2025年03月06日

i have no idea how setuid works. i still have not figured out why this works at all. it’s very confusing.

my thought process on this one is that setuid works by running a command from another user because that binary said so.

normally, you dont have permission to read /etc/bandit_pass/bandit20 password. maybe that’s how setuid works? no idea