Posts

Login ssh : ssh bandit18@bandit.labs.overthewire -p 2220 password : x2gLTTjFwMOhQ8oWNbMN362QKxfRqGlO Task : to get the next level password you have to read the readme file Theory .bashrc is a file that runs every time a terminal is loaded. This means it is also run when logging in through SSH because this also loads a terminal. a new thing about ssh is that it does not just allows us to remotely connect to another machine but it lets us to run a command just after the common shh expression. Solution as mentioned in the level that thhappenese .bashrc file is modified to log us out just after we connect with ssh , so what I’ve done is i included the command cat with the ssh expression to read the file before the logout happens ssh bandit18@bandit.labs.overthewire.org -p 2220 'cat readme' i found and another alternative is to run or -t /bin/sh to open a pseudo-terminal

Login ssh : ssh bandit9@bandit.labs.overthewire -p 2220 password : 4CKMh1JI91bUIZZPXDqGanal4xvAg0JM Task : fine a the password inside a file data.txt , that is located next to some equal signs Solution after running the command file data.txt we notice that file data.txt is not a text file it is a binary file, to fix that we gonna use the command strings which can turn data into readable characters then with the pipe command | we find the password with grep strings data.txt | grep =

Login ssh : ssh bandit2@bandit.labs.overthewire.org -p 2220 password : 263JGJPfgU6LtdEvgfWU1XP5yac29mFx Task read form a file that contains spaces in its name Solution the answer is you either skip the spaces using a \ cat ./space\ in\ this\ filename or you may also open it like this : cat "space in this filename"

Login ssh : ssh bandit3@bandit.labs.overthewire -p 2220 password : MNk8KNH3Usiio41PRUEoDFPqfxLPlSmx Task find the hidden file to get the next level password Solution cd inhere ls -la

Login ssh : ssh bandit4@bandit.labs.overthewire -p 2220 password : 2WmrDFRmJIq3IPxneAaMGhap0pFhF3NJ Task find the human readable file in the inhere directory Solution as the in the bandit2 level all the files starts with - which means if we gonna use them I have to start each one with ./ . in this level I used the command file the check which file is human readable which means it should contain text to select all files all at once we gonna use the * cd inhere file ./* this should display all the files with their type

Login ssh : ssh bandit5@bandit.labs.overthewire -p 2220 password : 4oQYVPkxZOOEOO5pTW81FB8j8lxXGUQw Task the goal is to find a file that is human readable and has a size of 1033 bytes among a lof of files and directories Solution in this solution I used the command find with 2 parameters which are : -readable to find any file that is readable for humans (which means a text file) -size <size><unit> , to specify the file size, we have to replace the <...> with the correct values , the <unit> part is gonna be replaced with c (check the man for more details) cd inhere find -readable -size 1033c

Login ssh : ssh bandit6@bandit.labs.overthewire -p 2220 password : HWasnPhtq9AVKe0dmk45nxy20cvUa6EG Task : the goal is to find a file locate somewhere on the server Solution as the previous level I used the command find but first we need to go to the root directory , cus there is no hints about the file’s location cd / after that I used the find command with the following parameters : -user <user> : to specify the owner of the file -group <group> to specify the group that the files belongs to -size <size><unit> : to specify the file size I run this command from the root directory and since there is a lot of files that we can’t access the screen will be full of permission denied messages, to get rid of them we gonna use the [[Linux Commands#the errors stream (stderr)|stderr]] to redirect them to /dev/null file to clean the screen and catch the wanted file ...

Login ssh : ssh bandit7@bandit.labs.overthewire -p 2220 password : morbNTDkSW6jIlUc0ymOdMaLnOlFVAaj Task : find the password inside a big file, which is next to the word millionth Solution I used the command grep to catch the wanted line grep millionth

Login ssh : ssh bandit8@bandit.labs.overthewire -p 2220 password : dfwvzFQi4mU0wfNbFOe9RoWskMLg7eEc Task : find the password in a file , the hint is the password is the only one that occurs once Solution I used the sort command to sort the list of line the using the | combining it to the uniq -c command which removes all the duplicates and with the parameter -c it will display the numbers of occurrences of each line, following with | to the grep command where we gonna look for 1 sort data.txt | uniq -c | grep 1

Login : ssh : ssh bandit0@bandit.labs.overthewire.org -p 2220 password : bandit0 Task : in this level the goal is to try to log in using SSH with the provided credentials Theory : SSH (secure shell protocol) , is a network protocol used to remotely connect to another machine . In Linux, you can remotly connect to another machine using the command ssh with : ssh <username>@<server> -p <port> the parts with <..> needs to be replaced with the correct informations the <server> needs to be replaced with the valid URL or the IP address the -p is used to be able to set the correct port Solution : the informations provided will lead you to the following command : ...