Cyber Komand

This is a CTF by overthewire.org in this level the task is to identify a program running at intervals and understanding what the task does this helps in detecting unauthorized or suspicious jobs running that may indicate compromise in a system. Now lets get started.  From my previous post on cron i discussed about commands used to enumerate cron jobs, So the first thing  you want to do is the " ls -lah /etc/cron.d" command which lists the cron directories (cron-hourly, cron-daily, etc).  I want the password for level 22 so the cron job i want to investigate should be the cronjob_bandit22. For the next step i decided to go to the path where the cronjob_bandit22 file is stored you can make this faster by using the command "cat /etc/cron.d/cronjob_bandit22" to view the content of the file,  You can also follow the process in the image i went into the path where all the cron jobs are saved before reviewing the file,  The cronjob_bandit22 file contains the following...