* Use `;)` as user and pass to log in
* Use the `bkdr` command to trigger a format string vulnerability
* Overwrite stack variable to enable `list` command
* Use command injection in the `popen` call used by `list` to get code execution
[Writeup](https://fascinating-confusion.io/posts/2022/07/htb-business-ctf-22-insider-writeup/)