- Security by obscurity!
This is the concept of hiding something with the intention, that only users with the same knowledge can reveal the secret. But this is a hope. One buzzword that uses the same technique – although in a different context – is called backdoor. However the past has shown, that this is not a good technique in terms of security.
Find the executable.
find / -executable -type f -user flag00 2>/dev/null
delivers the following list:
Two suspicious programs. Executing one of them delivers us a shell as user flag00. Afterwards one can execute
You can just pass the string to the command.
echo "getflag" | /rofs/bin/.../flag00
Lesson / How to fix
- The only solution is to avoid this technique completely!
Many backdoors, hidden services, non-documented open ports, storing information within other document-formats(text within pictures…) and many more have been revealed. It is bad practice in terms of security!