Bandit Level 4

Level Goal

The password for the next level is stored in a hidden file in the inhere directory.

Commands you may need to solve this level

ls, cd, cat, file, du, find


Looks like I’ll be changing the directory in this level. I know how to do that. Let’s use the ‘ls’ command to see what we’ve got.

bandit3@bandit:~$ ls
inhere

‘inhere’ is a directory. So I can use ‘cd’ to enter it and another ‘ls’.

bandit3@bandit:~$ cd inhere
bandit3@bandit:~/inhere$ ls
bandit3@bandit:~/inhere$

Wait, nothing is in here.

… Oh, that’s right. It says in the instructions it’s hidden. I’ll use the ‘mon ls’ command to see if there’s a way to see hidden files.

The option ‘-a’ will show me all the files, even hidden ones. Nice!

I’ll open the file using the tricks I’ve used in the previous levels.

bandit3@bandit:~/inhere$ cat ./.hidden
pIwrPrtPN36QITAp3EQaw936yaFoFgAB

And on to the next.

Bandit Level 3

Level Goal

The password for the next level is stored in a file called spaces in this filename located in the home directory

Commands you may need to solve this level

ls, cd, cat, file, du, find

Helpful Reading Material


Another level with a similar premise to the last one but just as the file name says, I’m need to open a file with spaces in it’s name.

bandit1@bandit:~$ ls
spaces in this filename

I’ll try what I did last time but I know it won’t work.

bandit1@bandit:~$ cat spaces in this filename
cat: spaces: No such file or directory
cat: in: No such file or directory
cat: this: No such file or directory
cat: filename: No such file or directory

Yeah that’s what I thought. After skimming through the recommended reading, I learned you can use quotes around names like this.

bandit1@bandit:~$ cat "spaces in this filename"
UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK

No problems here.

Bandit Level 2

Level Goal

The password for the next level is stored in a file called  located in the home directory

Commands you may need to solve this level

ls, cd, cat, file, du, find

Helpful Reading Material


Level 2 seems to be the exact same process as level 1 but instead of ‘readme’ it’s ‘-‘. Let’s try viewing everything in the directory with the ‘ls’ command.

bandit1@bandit:~$ ls
-

Yep! The file named ‘-‘ is the only one in the directory. Now I’ll try opening it with ‘cat’.

bandit1@bandit:~$ cat -



It doesn’t work. If I press the Enter key, it will keep line breaking. Ok, Ctrl-C to end that command. Time to investigate how to open a file with a hyphen in the name. Using the recommended reading on the instructions page, I’ve found that typing the file path will help.

bandit1@bandit:~$ cat ./-
CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9

Tada! Don’t forget to logout!

Bandit Level 1

Alright I’ve made it into Level 0 so now I can start my journey. The instructions for level 1 are here:

Bandit Level 0 → Level 1

Level Goal

The password for the next level is stored in a file called readme located in the home directory. Use this password to log into bandit1 using SSH. Whenever you find a password for a level, use SSH (on port 2220) to log into that level and continue the game.

Commands you may need to solve this level

ls, cd, cat, file, du, find


At first glance, I see only two commands that I’ve used before, ‘ls’ and ‘cd’. If I look at the problem it seems to me that I may only need to use the ‘ls’ command. Unless the home directory isn’t the directory that you start in, this one may be just as simple as the first.

Let me try ls first:

bandit0@bandit:~$ ls
readme

A file ‘readme’ shows up as the only file in this directory.

How can I open the file to view it’s contents? This is where the command ‘cat’ comes in. I used the ‘man cat’ command to learn about it but here is additional documentation.

bandit0@bandit:~$ cat readme
boJ9jbbUNNfktd7800psq0ltutMc3MY1

From there I copied the password from the ‘readme’ file to log into the next level.

The instructions tells me to log in with SSH as I did last time. So I try the same command with a slight change. It now says ‘bandit1’ instead of ‘bandit0’.

bandit0@bandit:~$ ssh -p 220 bandit1@bandit.labs.overthewire.org

But there’s something wrong… Nothing is happening. Eventually it will time out but there’s no reason to wait. I just hit Ctrl-C and I got my terminal back.

After searching for a while I found out that you need to logout of the level you are currently in first before logging in again. The command is simple enough: ‘logout’.

bandit0@bandit:~$ logout
Connection to bandit.labs.overthewire.org closed.

root@root:~# ssh -p 220 bandit1@bandit.labs.overthewire.org

I pasted the password from earlier into the prompt and voila, it worked. Now, onto the next level.

Bandit Level 0

So here we are.

My first attempts into vulnerability testing and it’s even being recorded. Let’s go to OverTheWire’s homepage. First thing I see is a list of their wargames and “Bandit” is listed at the top. Good. It’s the easiest.

Important information for every level:

SSH Information
Host: bandit.labs.overthewire.org
Port: 2220

This is what’s listed on the first Bandit page:

Bandit Level 0

Level Goal

The goal of this level is for you to log into the game using SSH. The host to which you need to connect is bandit.labs.overthewire.org, on port 2220. The username is bandit0 and the password is bandit0. Once logged in, go to the Level 1 page to find out how to beat Level 1.

Commands you may need to solve this level

ssh

Helpful Reading Material


After reading both links given under the title “Helpful Reading Material” (by the way this section IS helpful), I’ve learned how to connect to hosts using SSH. That’s a good sign because the next level is beyond that locked SSH door.

The command ‘man ssh’ will come in handy also! Here’s the unfinished version of the command we need to use:

ssh [options] [username]@[hostname]

Looking at the manual of each command can be daunting at first glance. I’ve definitely froze up looking for what I have needed before but after a longer/closer glance we find that the option ‘-p’ is for a port number.

Ok, what’s next?

Well, we have 4 pieces of info from the page. The port number, host name, username, and password. So we should be able to fill the command in completely at this point.

Let’s try:

ssh -p 2220 bandit0@bandit.labs.overthewire.org

Once I typed the above command in, I get this in response:

This is a OverTheWire game server. More information on http://www.overthewire.org/wargames 

bandit0@bandit.labs.overthewire.org's password: 

Now all that’s left is the password. That’s given; it’s “bandit0”.

WARNING! The cursor will stay stationary and it will look like nothing has been typed but it’s there! It’s just hidden. You know, for safety purposes . . . I guess.

That’s it! If all has been done correctly, the terminal should say this:

bandit0@bandit:~$

And now on to the next level.