🍃OverTheWire: (old) - Bandit

Note : A JOURNEY TO GAIN KNOWLEDGE

Bandit

Bandit Level 0

ssh username@hostname
so that the command is: `ssh bandit0@bandit.labs.overthewire.org -p 2220`

boJ9jbbUNNfktd78OOpsqOltutMc3MY1

Bandit Level 0 → Level 1

command

bandit1@bandit:~$ cat ./-
CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9
bandit1@bandit:~$ cat <-
CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9
bandit1@bandit:~$

Bandit Level 1 → Level 2

bandit2@bandit:~$ ls
spaces in this filename
bandit2@bandit:~$ cat spaces\ in\ this\ filename
UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK
bandit2@bandit:~$

Bandit Level 2 → Level 3

bandit3@bandit:~$ ls
inhere
bandit3@bandit:~$ cd inhere/
bandit3@bandit:~/inhere$ ls
bandit3@bandit:~/inhere$ ls -a
.  ..  .hidden
bandit3@bandit:~/inhere$ cat .hidden
pIwrPrtPN36QITSp3EQaw936yaFoFgAB
bandit3@bandit:~/inhere$

Bandit Level 3 → Level 4

bandit4@bandit:~$ ls
inhere
bandit4@bandit:~$ cd inhere/
bandit4@bandit:~/inhere$ ls
-file00  -file01  -file02  -file03  -file04  -file05  -file06  -file07  -file08  -file09
bandit4@bandit:~/inhere$ cat *
cat: invalid option -- 'f'
Try 'cat --help' for more information.
bandit4@bandit:~/inhere$ cat ./*
�/`2ғ�%��rL~5�g��� �������p,k�;��r*��        �.!��C��J     �dx,�e�)�#��5��
                                                                                   ��p��V�_���ׯ�mm������h!TQO�`�4"aל�?��r�l$�?h�9('���!y�e�#�x�O��=�ly���~��A�f����-E�{���m�����ܗMkoReBOKuIDDepwhWk7jZC0RTdopnAYKh
�T�?�i��j��îP�F�l�n��J����{��@�e�0$�in=��_b�5FA�P7sz��gNb

koReBOKuIDDepwhWk7jZC0RTdopnAYKh

Bandit Level 4 → Level 5

human-readable file

DXjZPULLxYr17uwoI01bNLQbtFemEgo7

Bandit Level 5 → Level 6

find / -user bandit7 -group bandit6 -size 33c

find / -user bandit7 -group bandit6 -size 33c 2>&1 | grep -F -v Permission

2>&1 meaning

bandit6@bandit:/home$ find / -user bandit7 -group bandit6 -size 33c 2>&1 | grep -F -v Permission | grep -F -v directory
/var/lib/dpkg/info/bandit7.password
bandit6@bandit:/home$ cat /var/lib/dpkg/info/bandit7.password
HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs
bandit6@bandit:/home$

Bandit Level 7 → Level 8

bandit7@bandit:~$ cat data.txt | grep millionth
millionth       cvX2JJa4CFALtqS87jk27qwqGhBM9plV
bandit7@bandit:~$

Bandit Level 8 → Level 9

bandit8@bandit:~$ cat data.txt |sort |uniq -u
UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR

Bandit Level 9 → Level 10

bandit9@bandit:~$ strings data.txt  | grep =
========== the*2i"4
=:G e
========== password
<I=zsGi
Z)========== is
A=|t&E
Zdb=
c^ LAh=3G
*SF=s
&========== truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk
S=A.H&^
bandit9@bandit:~$

Bandit Level 10 → Level 11

bandit10@bandit:~$ cat data.txt | base64 -d
The password is IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR
bandit10@bandit:~$

Bandit Level 11 → Level 12

bandit11@bandit:~$ cat data.txt | tr 'a-zA-Z' 'n-za-mN-ZA-N'
The password is 5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu
bandit11@bandit:~$

Bandit Level 12 → Level 13

In this challenge, you just have to know decompress a file with gzip, bzip2 and xxd . Knowing how to know file extention by file command

8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL

PreviousOverTheWire: Bandit NextWriteup EVABSv5.apk (12levels)

Last updated 3 years ago

hashtagBandit Level 0

hashtagBandit Level 0 → Level 1

hashtagBandit Level 1 → Level 2

hashtagBandit Level 2 → Level 3

hashtagBandit Level 3 → Level 4

hashtagBandit Level 4 → Level 5

hashtagBandit Level 5 → Level 6

hashtagBandit Level 7 → Level 8

hashtagBandit Level 8 → Level 9

hashtagBandit Level 9 → Level 10

hashtagBandit Level 10 → Level 11

hashtagBandit Level 11 → Level 12

hashtagBandit Level 12 → Level 13