Bandit
Level Goal
The goal of this level is for you to log into the game using SSH. The host to which you need to
connect is bandit.labs.overthewire.org, on port 2220. The username is bandit0 and the
password is bandit0. Once logged in, go to the Level 1 page to find out how to beat Level 1.
Commands you may need to solve this level
2/31
ssh
kali@kali:~$ ssh bandit0@172.9.9.176 -p 2220
Level 0 -> Level 1
Level Goal
The password for the next level is stored in a file called readme located in the home directory.
Use this password to log into bandit1 using SSH. Whenever you find a password for a level, use
SSH (on port 2220) to log into that level and continue the game.
Commands you may need to solve this level
Levels
Please use Ctrl+F to find your desired Level.
Level 0
Bandit Level 0Level Goal
The goal of this level is for you to log into the game using SSH. The host to which you need to
connect is bandit.labs.overthewire.org, on port 2220. The username is bandit0 and the
password is bandit0. Once logged in, go to the Level 1 page to find out how to beat Level 1.
Commands you may need to solve this level
2/31
ssh
kali@kali:~$ ssh bandit0@172.9.9.176 -p 2220
password: bandit0
Level Goal
The password for the next level is stored in a file called readme located in the home directory.
Use this password to log into bandit1 using SSH. Whenever you find a password for a level, use
SSH (on port 2220) to log into that level and continue the game.
Commands you may need to solve this level
ls, cd, cat, file, du, find
Password for next level: boJ9jbbUNNfktd78OOpsqOltutMc3MY1
Level 1 -> Level 2
Level Goal
The password for the next level is stored in a file called - located in the home directory
Commands you may need to solve this level
ls, cd, cat, file, du, find
kali@kali:~$ ssh bandit1@bandit.labs.overthewire.org -p 2220
Password: boJ9jbbUNNfktd78OOpsqOltutMc3MY1
When we ls into this level we find a file called “-”
we cant #cat -
What we can do instead is
Level Goal
The password for the next level is stored in a file called - located in the home directory
Commands you may need to solve this level
ls, cd, cat, file, du, find
kali@kali:~$ ssh bandit1@bandit.labs.overthewire.org -p 2220
Password: boJ9jbbUNNfktd78OOpsqOltutMc3MY1
When we ls into this level we find a file called “-”
we cant #cat -
What we can do instead is
Password for next level: CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9
Level 2 -> Level 3
Level Goal
The password for the next level is stored in a file called spaces in this filename located in the
home directory
kali@kali:~$ ssh bandit2@bandit.labs.overthewire.org -p 2220
Password: CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9
When we ls into this level, we find a file called “spaces in this filename”
To cat past this, we use
bandit2@bandit:~$ cat 'spaces in this filename'
UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK
Level Goal
The password for the next level is stored in a file called spaces in this filename located in the
home directory
kali@kali:~$ ssh bandit2@bandit.labs.overthewire.org -p 2220
Password: CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9
When we ls into this level, we find a file called “spaces in this filename”
To cat past this, we use
bandit2@bandit:~$ cat 'spaces in this filename'
UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK
Level 3 -> Level 4
Level Goal
The password for the next level is stored in a hidden file in the inhere directory.
bandit3@bandit:~$ ls
inhere
bandit3@bandit:~$ cd inhere/
bandit3@bandit:~/inhere$ ls
bandit3@bandit:~/inhere$ ls -a
. .. .hidden
bandit3@bandit:~/inhere$ cat ./.hidden
pIwrPrtPN36QITSp3EQaw936yaFoFgAB
The password for the next level: pIwrPrtPN36QITSp3EQaw936yaFoFgAB
Level Goal
The password for the next level is stored in a hidden file in the inhere directory.
bandit3@bandit:~$ ls
inhere
bandit3@bandit:~$ cd inhere/
bandit3@bandit:~/inhere$ ls
bandit3@bandit:~/inhere$ ls -a
. .. .hidden
bandit3@bandit:~/inhere$ cat ./.hidden
pIwrPrtPN36QITSp3EQaw936yaFoFgAB
The password for the next level: pIwrPrtPN36QITSp3EQaw936yaFoFgAB
Level 4 -> Level 5
Level Goal
4/31
The password for the next level is stored in the only human-readable file in the inhere directory.
Tip: if your terminal is messed up, try the “reset” command.
To find what type of file a file is we can use the “file" command. We can do this for each file for
run it for all the files using * (all)
bandit4@bandit:~$ ls
inhere
bandit4@bandit:~$ cd inhere/
bandit4@bandit:~/inhere$ ls
-file00 -file02 -file04 -file06 -file08
-file01 -file03 -file05 -file07 -file09
bandit4@bandit:~/inhere$ file ./-file*
./-file00: data
./-file01: data
./-file02: data
./-file03: data
./-file04: data
./-file05: data
./-file06: data
./-file07: ASCII text
./-file08: data
./-file09: data
bandit4@bandit:~/inhere$ cat ./-file07
koReBOKuIDDepwhWk7jZC0RTdopnAYKh
Level Goal
4/31
The password for the next level is stored in the only human-readable file in the inhere directory.
Tip: if your terminal is messed up, try the “reset” command.
To find what type of file a file is we can use the “file" command. We can do this for each file for
run it for all the files using * (all)
bandit4@bandit:~$ ls
inhere
bandit4@bandit:~$ cd inhere/
bandit4@bandit:~/inhere$ ls
-file00 -file02 -file04 -file06 -file08
-file01 -file03 -file05 -file07 -file09
bandit4@bandit:~/inhere$ file ./-file*
./-file00: data
./-file01: data
./-file02: data
./-file03: data
./-file04: data
./-file05: data
./-file06: data
./-file07: ASCII text
./-file08: data
./-file09: data
bandit4@bandit:~/inhere$ cat ./-file07
koReBOKuIDDepwhWk7jZC0RTdopnAYKh
Level 5 -> Level 6
Level Goal
The password for the next level is stored in a file somewhere under the inhere directory and has
all of the following properties:
human-readable
1033 bytes in size
not executable
bandit5@bandit:~$ ls
inhere
bandit5@bandit:~$ cd inhere/
bandit5@bandit:~/inhere$ ls
maybehere00 maybehere04 maybehere08 maybehere12 maybehere16
maybehere01 maybehere05 maybehere09 maybehere13 maybehere17
maybehere02 maybehere06 maybehere10 maybehere14 maybehere18
5/31
maybehere03 maybehere07 maybehere11 maybehere15 maybehere19
bandit5@bandit:~/inhere$ find . -size 1033c
./maybehere07/.file2
bandit5@bandit:~/inhere$ cat ./maybehere07/.file2
DXjZPULLxYr17uwoI01bNLQbtFemEgo7
Level Goal
The password for the next level is stored in a file somewhere under the inhere directory and has
all of the following properties:
human-readable
1033 bytes in size
not executable
bandit5@bandit:~$ ls
inhere
bandit5@bandit:~$ cd inhere/
bandit5@bandit:~/inhere$ ls
maybehere00 maybehere04 maybehere08 maybehere12 maybehere16
maybehere01 maybehere05 maybehere09 maybehere13 maybehere17
maybehere02 maybehere06 maybehere10 maybehere14 maybehere18
5/31
maybehere03 maybehere07 maybehere11 maybehere15 maybehere19
bandit5@bandit:~/inhere$ find . -size 1033c
./maybehere07/.file2
bandit5@bandit:~/inhere$ cat ./maybehere07/.file2
DXjZPULLxYr17uwoI01bNLQbtFemEgo7
Level 6 -> Level 7
Level Goal
The password for the next level is stored somewhere on the server and has all of the following
properties:
owned by user bandit7
owned by group bandit6
33 bytes in size
bandit6@bandit:~$ find . -user bandit7 -group bandit6 -size 33c
bandit6@bandit:~$ find / -user bandit7 -group bandit6 -size 33c
find: ‘/root’: Permission denied
find: ‘/home/bandit28-git’: Permission denied
find: ‘/home/bandit30-git’: Permission denied
find: ‘/home/bandit5/inhere’: Permission denied
find: ‘/home/bandit27-git’: Permission denied
find: ‘/home/bandit29-git’: Permission denied
find: ‘/home/bandit31-git’: Permission denied
find: ‘/lost+found’: Permission denied
find: ‘/etc/ssl/private’: Permission denied
find: ‘/etc/polkit-1/localauthority’: Permission denied
find: ‘/etc/lvm/archive’: Permission denied
find: ‘/etc/lvm/backup’: Permission denied
find: ‘/sys/fs/pstore’: Permission denied
find: ‘/proc/tty/driver’: Permission denied
find: ‘/proc/5397/task/5397/fd/6’: No such file or directory
find: ‘/proc/5397/task/5397/fdinfo/6’: No such file or directory
find: ‘/proc/5397/fd/5’: No such file or directory
find: ‘/proc/5397/fdinfo/5’: No such file or directory
find: ‘/cgroup2/csessions’: Permission denied
find: ‘/boot/lost+found’: Permission denied
find: ‘/tmp’: Permission denied
find: ‘/run/lvm’: Permission denied
find: ‘/run/screen/S-bandit29’: Permission denied
find: ‘/run/screen/S-bandit26’: Permission denied
find: ‘/run/screen/S-bandit18’: Permission denied
find: ‘/run/screen/S-bandit13’: Permission denied
find: ‘/run/screen/S-bandit16’: Permission denied
find: ‘/run/screen/S-bandit31’: Permission denied
6/31
find: ‘/run/screen/S-bandit8’: Permission denied
find: ‘/run/screen/S-bandit14’: Permission denied
find: ‘/run/screen/S-bandit19’: Permission denied
find: ‘/run/screen/S-bandit21’: Permission denied
find: ‘/run/screen/S-bandit12’: Permission denied
find: ‘/run/screen/S-bandit5’: Permission denied
find: ‘/run/screen/S-bandit22’: Permission denied
find: ‘/run/screen/S-bandit24’: Permission denied
find: ‘/run/screen/S-bandit25’: Permission denied
find: ‘/run/screen/S-bandit0’: Permission denied
find: ‘/run/screen/S-bandit20’: Permission denied
find: ‘/run/screen/S-bandit23’: Permission denied
find: ‘/run/shm’: Permission denied
find: ‘/run/lock/lvm’: Permission denied
find: ‘/var/spool/bandit24’: Permission denied
find: ‘/var/spool/cron/crontabs’: Permission denied
find: ‘/var/spool/rsyslog’: Permission denied
find: ‘/var/tmp’: Permission denied
find: ‘/var/lib/apt/lists/partial’: Permission denied
find: ‘/var/lib/polkit-1’: Permission denied
/var/lib/dpkg/info/bandit7.password
find: ‘/var/log’: Permission denied
find: ‘/var/cache/apt/archives/partial’: Permission denied
find: ‘/var/cache/ldconfig’: Permission denied
We can see that /var/lib/dpkg/info/bandit7.password is available with the same arguments
bandit6@bandit:~$ cat /var/lib/dpkg/info/bandit7.password
HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs
Level Goal
The password for the next level is stored somewhere on the server and has all of the following
properties:
owned by user bandit7
owned by group bandit6
33 bytes in size
bandit6@bandit:~$ find . -user bandit7 -group bandit6 -size 33c
bandit6@bandit:~$ find / -user bandit7 -group bandit6 -size 33c
find: ‘/root’: Permission denied
find: ‘/home/bandit28-git’: Permission denied
find: ‘/home/bandit30-git’: Permission denied
find: ‘/home/bandit5/inhere’: Permission denied
find: ‘/home/bandit27-git’: Permission denied
find: ‘/home/bandit29-git’: Permission denied
find: ‘/home/bandit31-git’: Permission denied
find: ‘/lost+found’: Permission denied
find: ‘/etc/ssl/private’: Permission denied
find: ‘/etc/polkit-1/localauthority’: Permission denied
find: ‘/etc/lvm/archive’: Permission denied
find: ‘/etc/lvm/backup’: Permission denied
find: ‘/sys/fs/pstore’: Permission denied
find: ‘/proc/tty/driver’: Permission denied
find: ‘/proc/5397/task/5397/fd/6’: No such file or directory
find: ‘/proc/5397/task/5397/fdinfo/6’: No such file or directory
find: ‘/proc/5397/fd/5’: No such file or directory
find: ‘/proc/5397/fdinfo/5’: No such file or directory
find: ‘/cgroup2/csessions’: Permission denied
find: ‘/boot/lost+found’: Permission denied
find: ‘/tmp’: Permission denied
find: ‘/run/lvm’: Permission denied
find: ‘/run/screen/S-bandit29’: Permission denied
find: ‘/run/screen/S-bandit26’: Permission denied
find: ‘/run/screen/S-bandit18’: Permission denied
find: ‘/run/screen/S-bandit13’: Permission denied
find: ‘/run/screen/S-bandit16’: Permission denied
find: ‘/run/screen/S-bandit31’: Permission denied
6/31
find: ‘/run/screen/S-bandit8’: Permission denied
find: ‘/run/screen/S-bandit14’: Permission denied
find: ‘/run/screen/S-bandit19’: Permission denied
find: ‘/run/screen/S-bandit21’: Permission denied
find: ‘/run/screen/S-bandit12’: Permission denied
find: ‘/run/screen/S-bandit5’: Permission denied
find: ‘/run/screen/S-bandit22’: Permission denied
find: ‘/run/screen/S-bandit24’: Permission denied
find: ‘/run/screen/S-bandit25’: Permission denied
find: ‘/run/screen/S-bandit0’: Permission denied
find: ‘/run/screen/S-bandit20’: Permission denied
find: ‘/run/screen/S-bandit23’: Permission denied
find: ‘/run/shm’: Permission denied
find: ‘/run/lock/lvm’: Permission denied
find: ‘/var/spool/bandit24’: Permission denied
find: ‘/var/spool/cron/crontabs’: Permission denied
find: ‘/var/spool/rsyslog’: Permission denied
find: ‘/var/tmp’: Permission denied
find: ‘/var/lib/apt/lists/partial’: Permission denied
find: ‘/var/lib/polkit-1’: Permission denied
/var/lib/dpkg/info/bandit7.password
find: ‘/var/log’: Permission denied
find: ‘/var/cache/apt/archives/partial’: Permission denied
find: ‘/var/cache/ldconfig’: Permission denied
We can see that /var/lib/dpkg/info/bandit7.password is available with the same arguments
bandit6@bandit:~$ cat /var/lib/dpkg/info/bandit7.password
HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs
Level 7 -> Level 8
Level Goal
The password for the next level is stored in the file data.txt next to the word millionth
bandit7@bandit:~$ ls
data.txt
bandit7@bandit:~$ cat data.txt | grep millionth
millionth cvX2JJa4CFALtqS87jk27qwqGhBM9plV
Level Goal
The password for the next level is stored in the file data.txt next to the word millionth
bandit7@bandit:~$ ls
data.txt
bandit7@bandit:~$ cat data.txt | grep millionth
millionth cvX2JJa4CFALtqS87jk27qwqGhBM9plV
Level 8 -> Level 9
Level Goal
The password for the next level is stored in the file data.txt and is the only line of text that
occurs only once
bandit8@bandit:~$ ls
data.txt
bandit8@bandit:~$ cat data.txt | sort | uniq -u
UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR
Level Goal
The password for the next level is stored in the file data.txt and is the only line of text that
occurs only once
bandit8@bandit:~$ ls
data.txt
bandit8@bandit:~$ cat data.txt | sort | uniq -u
UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR
Level 9 -> Level 10
Level Goal
The password for the next level is stored in the file data.txt in one of the few human-readable
strings, preceded by several ‘=’ characters.
We cant use the cat command here.
We have to use the strings command. It extracts strings of printable characters from files so
that other commands can use the strings without having to contend with non-printable
characters.
bandit9@bandit:~$ ls
data.txt
bandit9@bandit:~$ cat data.txt | grep =
Binary file (standard input) matches
bandit9@bandit:~$ strings data.txt | grep =
========== the*2i"4
=:G e
========== password
<I=zsGi
Z)========== is
A=|t&E
Zdb=
c^ LAh=3G
*SF=s
&========== truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk
S=A.H&^
Password: truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk
Level Goal
The password for the next level is stored in the file data.txt in one of the few human-readable
strings, preceded by several ‘=’ characters.
We cant use the cat command here.
We have to use the strings command. It extracts strings of printable characters from files so
that other commands can use the strings without having to contend with non-printable
characters.
bandit9@bandit:~$ ls
data.txt
bandit9@bandit:~$ cat data.txt | grep =
Binary file (standard input) matches
bandit9@bandit:~$ strings data.txt | grep =
========== the*2i"4
=:G e
========== password
<I=zsGi
Z)========== is
A=|t&E
Zdb=
c^ LAh=3G
*SF=s
&========== truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk
S=A.H&^
Password: truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk
Level 10 -> Level 11
Level Goal
The password for the next level is stored in the file data.txt, which contains base64 encoded
data
We can use “base64 -d” to decode the base64 string
bandit10@bandit:~$ ls
data.txt
bandit10@bandit:~$ cat data.txt
VGhlIHBhc3N3b3JkIGlzIElGdWt3S0dzRlc4TU9xM0lSRnFyeEUxaHhUTkViVVBSCg==
bandit10@bandit:~$ cat data.txt | base64 -d
The password is IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR
Level Goal
The password for the next level is stored in the file data.txt, which contains base64 encoded
data
We can use “base64 -d” to decode the base64 string
bandit10@bandit:~$ ls
data.txt
bandit10@bandit:~$ cat data.txt
VGhlIHBhc3N3b3JkIGlzIElGdWt3S0dzRlc4TU9xM0lSRnFyeEUxaHhUTkViVVBSCg==
bandit10@bandit:~$ cat data.txt | base64 -d
The password is IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR
Level 11 -> Level 12
Level Goal
The password for the next level is stored in the file data.txt, where all lowercase (a-z) and
uppercase (A-Z) letters have been rotated by 13 positions
This is a rot13 cipher.
We need to use the tr command. tr is an abbreviation of translate or transliterate, indicating its
operation of replacing or removing specific characters in its input data set.
bandit11@bandit:~$ ls
data.txt
bandit11@bandit:~$ cat data.txt | tr a-zA-Z n-za-mN-ZA-M
The password is 5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu
Level Goal
The password for the next level is stored in the file data.txt, where all lowercase (a-z) and
uppercase (A-Z) letters have been rotated by 13 positions
This is a rot13 cipher.
We need to use the tr command. tr is an abbreviation of translate or transliterate, indicating its
operation of replacing or removing specific characters in its input data set.
bandit11@bandit:~$ ls
data.txt
bandit11@bandit:~$ cat data.txt | tr a-zA-Z n-za-mN-ZA-M
The password is 5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu
Level 12 -> Level 13
Level Goal
The password for the next level is stored in the file data.txt, which is a hexdump of a file that
has been repeatedly compressed. For this level it may be useful to create a directory under /tmp
in which you can work using mkdir. For example: mkdir /tmp/myname123. Then copy the
datafile using cp, and rename it using mv
9/31
bandit12@bandit:~$ mkdir /tmp/azid123
bandit12@bandit:~$ ls
data.txt
bandit12@bandit:~$ cp data.txt /tmp/azid123
bandit12@bandit:~$ cd /tmp/azid123
bandit12@bandit:/tmp/azid123$ ls
data.txt
The xxd command is used in Linux to make the hexdump of a file. It is also used to reverse this
process. Let’s use it to retrieve the original file. We are going to use the ‘r’ parameter to revert
the process and provide it with a filename where it should store its output.
bandit12@bandit:/tmp/azid123$ xxd -r data.txt data2
bandit12@bandit:/tmp/azid123$ file data2
data2: gzip compressed data, was "data2.bin", last modified: Thu May 7 18:14:30 2020, max
compression, from Unix
it is a gzip file. We cant extract it yet because it has to have the .gz extension. So, we first
rename the file and then unizip it.
bandit12@bandit:/tmp/azid123$ mv data2 data2.gz
bandit12@bandit:/tmp/azid123$ gzip -d data2.gz
bandit12@bandit:/tmp/azid123$ ls
data2 data.txt
We use the similar process till we can get a readable file
bandit12@bandit:/tmp/azid123$ file data2
data2: bzip2 compressed data, block size = 900k
bandit12@bandit:/tmp/azid123$ mv data2 data2.bz2
bandit12@bandit:/tmp/azid123$ bzip2 -d data2.bz2
bandit12@bandit:/tmp/azid123$ ls
data2 data.txt
bandit12@bandit:/tmp/azid123$ file data2
data2: gzip compressed data, was "data4.bin", last modified: Thu May 7 18:14:30 2020, max
compression, from Unix
bandit12@bandit:/tmp/azid123$ mv data2 data2.gz
bandit12@bandit:/tmp/azid123$ ls
data2.gz data.txt
bandit12@bandit:/tmp/azid123$ gzip -d data2.gz
bandit12@bandit:/tmp/azid123$ ls
data2 data.txt
bandit12@bandit:/tmp/azid123$ file data2
data2: POSIX tar archive (GNU)
bandit12@bandit:/tmp/azid123$ tar -xvf data2
data5.bin
bandit12@bandit:/tmp/azid123$ ls
data2 data5.bin data.txt
10/31
bandit12@bandit:/tmp/azid123$ file data5.bin
data5.bin: POSIX tar archive (GNU)
bandit12@bandit:/tmp/azid123$ tar -xvf data5.bin
data6.bin
bandit12@bandit:/tmp/azid123$ file data6.bin
data6.bin: bzip2 compressed data, block size = 900k
bandit12@bandit:/tmp/azid123$ mv data6.bin data6.bz2
bandit12@bandit:/tmp/azid123$ bzip2 -d data6.bz2
bandit12@bandit:/tmp/azid123$ ls
data2 data5.bin data6 data.txt
bandit12@bandit:/tmp/azid123$ file data6
data6: POSIX tar archive (GNU)
bandit12@bandit:/tmp/azid123$ tar -xvf data6
data8.bin
bandit12@bandit:/tmp/azid123$ file data8.bin
data8.bin: gzip compressed data, was "data9.bin", last modified: Thu May 7 18:14:30 2020,
max compression, from Unix
bandit12@bandit:/tmp/azid123$ mv data8.bin data8.gz
bandit12@bandit:/tmp/azid123$ gzip -d data8.gz
bandit12@bandit:/tmp/azid123$ ls
data2 data5.bin data6 data8 data.txt
bandit12@bandit:/tmp/azid123$ file data8
data8: ASCII text
bandit12@bandit:/tmp/azid123$ cat data8
The password is 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL
The password: 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL
Level Goal
The password for the next level is stored in the file data.txt, which is a hexdump of a file that
has been repeatedly compressed. For this level it may be useful to create a directory under /tmp
in which you can work using mkdir. For example: mkdir /tmp/myname123. Then copy the
datafile using cp, and rename it using mv
9/31
bandit12@bandit:~$ mkdir /tmp/azid123
bandit12@bandit:~$ ls
data.txt
bandit12@bandit:~$ cp data.txt /tmp/azid123
bandit12@bandit:~$ cd /tmp/azid123
bandit12@bandit:/tmp/azid123$ ls
data.txt
The xxd command is used in Linux to make the hexdump of a file. It is also used to reverse this
process. Let’s use it to retrieve the original file. We are going to use the ‘r’ parameter to revert
the process and provide it with a filename where it should store its output.
bandit12@bandit:/tmp/azid123$ xxd -r data.txt data2
bandit12@bandit:/tmp/azid123$ file data2
data2: gzip compressed data, was "data2.bin", last modified: Thu May 7 18:14:30 2020, max
compression, from Unix
it is a gzip file. We cant extract it yet because it has to have the .gz extension. So, we first
rename the file and then unizip it.
bandit12@bandit:/tmp/azid123$ mv data2 data2.gz
bandit12@bandit:/tmp/azid123$ gzip -d data2.gz
bandit12@bandit:/tmp/azid123$ ls
data2 data.txt
We use the similar process till we can get a readable file
bandit12@bandit:/tmp/azid123$ file data2
data2: bzip2 compressed data, block size = 900k
bandit12@bandit:/tmp/azid123$ mv data2 data2.bz2
bandit12@bandit:/tmp/azid123$ bzip2 -d data2.bz2
bandit12@bandit:/tmp/azid123$ ls
data2 data.txt
bandit12@bandit:/tmp/azid123$ file data2
data2: gzip compressed data, was "data4.bin", last modified: Thu May 7 18:14:30 2020, max
compression, from Unix
bandit12@bandit:/tmp/azid123$ mv data2 data2.gz
bandit12@bandit:/tmp/azid123$ ls
data2.gz data.txt
bandit12@bandit:/tmp/azid123$ gzip -d data2.gz
bandit12@bandit:/tmp/azid123$ ls
data2 data.txt
bandit12@bandit:/tmp/azid123$ file data2
data2: POSIX tar archive (GNU)
bandit12@bandit:/tmp/azid123$ tar -xvf data2
data5.bin
bandit12@bandit:/tmp/azid123$ ls
data2 data5.bin data.txt
10/31
bandit12@bandit:/tmp/azid123$ file data5.bin
data5.bin: POSIX tar archive (GNU)
bandit12@bandit:/tmp/azid123$ tar -xvf data5.bin
data6.bin
bandit12@bandit:/tmp/azid123$ file data6.bin
data6.bin: bzip2 compressed data, block size = 900k
bandit12@bandit:/tmp/azid123$ mv data6.bin data6.bz2
bandit12@bandit:/tmp/azid123$ bzip2 -d data6.bz2
bandit12@bandit:/tmp/azid123$ ls
data2 data5.bin data6 data.txt
bandit12@bandit:/tmp/azid123$ file data6
data6: POSIX tar archive (GNU)
bandit12@bandit:/tmp/azid123$ tar -xvf data6
data8.bin
bandit12@bandit:/tmp/azid123$ file data8.bin
data8.bin: gzip compressed data, was "data9.bin", last modified: Thu May 7 18:14:30 2020,
max compression, from Unix
bandit12@bandit:/tmp/azid123$ mv data8.bin data8.gz
bandit12@bandit:/tmp/azid123$ gzip -d data8.gz
bandit12@bandit:/tmp/azid123$ ls
data2 data5.bin data6 data8 data.txt
bandit12@bandit:/tmp/azid123$ file data8
data8: ASCII text
bandit12@bandit:/tmp/azid123$ cat data8
The password is 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL
The password: 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL
Level 13 -> Level 14
Level Goal
The password for the next level is stored in /etc/bandit_pass/bandit14 and can only be read by
user bandit14. For this level, you don’t get the next password, but you get a private SSH key
that can be used to log into the next level. Note: localhost is a hostname that refers to the
machine you are working on
bandit13@bandit:~$ ls
sshkey.private
bandit13@bandit:~$ ssh bandit14@localhost -i sshkey.private
Level Goal
The password for the next level is stored in /etc/bandit_pass/bandit14 and can only be read by
user bandit14. For this level, you don’t get the next password, but you get a private SSH key
that can be used to log into the next level. Note: localhost is a hostname that refers to the
machine you are working on
bandit13@bandit:~$ ls
sshkey.private
bandit13@bandit:~$ ssh bandit14@localhost -i sshkey.private
Comments
Post a Comment