DEV Community: San Kang

[Adult Learning Log] C Language – Week 4 Review

San Kang — Thu, 03 Jul 2025 04:11:54 +0000

○ Key Learning Points from Week 4

Learned about the concepts and types of arithmetic operators, relational operators, logical operators, and conditional operators.
Studied increment/decrement operators, compound assignment operators, comma operators, and bitwise operators.
Understood type conversion and operator precedence.

○ Expression (Formula)

An expression is a combination of constants, variables, and operators, divided into operators and operands.

○ Arithmetic Operators (Basic Arithmetic): `+`, `-`, `*`, `/`, `%`

Division between int types results in an int (decimal parts are truncated).
Division between float types yields float results.
% (Modulus Operator) returns the remainder of dividing the first operand by the second operand.

○ Increment/Decrement Operators

++variable, variable++, --variable, variable--
The position of the increment/decrement operator affects when the value is updated.

○ Assignment Operators

Operators that assign the result of an expression to a variable.

The left side must be a variable, while the right side can be any expression.

100 = x + y; // Error
x = x + 1;   // Valid (Different from the math "="!)
y = x = 3;   // Valid (Assigns 3 to x, then assigns x's value to y)

○ Compound Assignment Operators

Combines = with arithmetic operators, e.g., x += y.

Allows shorthand for reassigning the result to the same variable.

○ Relational Operators: `==`, `!=`, `>`, `<`, `>=`, `<=`

Compares two operands; returns TRUE (1) or FALSE (0).
Cannot chain comparisons as in math: 2 < x < 5 → This is invalid.
- Correct way: (2 < x) && (x < 5)

○ Logical Operators: `&&`, `||`, `!`

Used to combine multiple conditions.
Returns 1 (TRUE) if the condition is met, 0 (FALSE) otherwise.
In C, non-zero values are considered TRUE and 0 is FALSE.
Note: In this class, negative numbers were also treated as FALSE due to representing no electric signal.

○ Ternary Operator (Conditional Operator)

The only operator that takes three operands:

max_value = (x > y) ? a : b;  // Returns a if TRUE, b if FALSE

○ Comma Operator

Evaluates two expressions separated by , sequentially.

○ Bitwise Operators: `&`, `|`, `^`, `<<`, `>>`, `~`

<< shifts bits to the left, effectively doubling the value per shift (due to binary nature).

○ Type Conversion & Operator Precedence

Type Conversion (Casting)

Changes the data type during program execution.
Be cautious—improper casting can lead to data loss.
When mixing different data types, C automatically promotes to the larger type.

Explicit Casting

Developer explicitly converts the type using parentheses before the variable:

(int)1.35  // Casts 1.35 to int

Operator Precedence

Determines the order of operations among multiple operators.
Refer to the textbook’s precedence chart for details.

○ Practice

Try writing and executing C code using the operators learned this week.

[Adult Learning Log] Data Structures – Week 3 Review

San Kang — Wed, 02 Jul 2025 03:05:08 +0000

○ Key Takeaways from Week 3

Learned about stacks, related operations, practical uses, and implementation methods.
Understood the difference between static and dynamic stack connections and their implementation.
Practiced writing size() and print_stack() for a stack implemented using a linked list.
Studied expression evaluation and conversion using stacks.
Learned about multiple stacks implemented in one array.

○ Stack: Last-In First-Out (LIFO) Structure

Think of a stack like a pile of plates: the last one added is the first to be removed.
The top of the stack is called top.
The bottom does not need to be accessed directly.

Abstract Data Type (ADT) for Stack

Common Operations:

init() – initialize the stack
push(a) – add element a to the top
pop() – remove and return the top element
is_empty() – return TRUE if empty, else FALSE
is_full() – return TRUE if full, else FALSE
peek() – return top element without removing it

If push() is called on a full stack → Overflow Error
If pop() or peek() is called on an empty stack → Underflow Error

Common Use Cases:

Undo actions, back button in browsers, parenthesis matching, calculators, maze solving, etc.

○ Dynamically Linked Stack

Unlike array-based stacks, dynamic stacks using linked lists allocate memory using malloc() as needed.
The top pointer dynamically moves with each operation.
Memory-efficient and flexible but more complex to implement and slower.

Example Usage (C):

typedef int Element;
#include "LinkedStack.h"

void main() {
    int A[7] = {0, 1, 1, 2, 3, 5, 8};

    printf("Stack Test\nInput Data: ");
    for(int i = 0; i < 7; i++) {
        printf("%3d", A[i]);
        push(A[i]);
    }

    printf("\nOutput Data: ");
    while (!is_empty())
        printf("%3d", pop());

    printf("\n");
    destroy_stack();  // Free all dynamic nodes
}

○ Stack Size and Print (Linked List Version)

In a linked stack, each node contains data and a link to the next.
The top node is the most recently pushed.
Must traverse the list to count or print.

`size()` Example:

top → A → B → C → D → NULL
Returns: 4 (O(4) time complexity)

`print_stack()`:

Traverse from top and print each node’s data.
Prints in reverse order of input.

○ Expression Evaluation and Notation Conversion

Three common forms: prefix, infix, postfix
- Humans use infix, computers use postfix
- a + b → infix, ab+ → postfix

Expression Handling via Stack:

Infix → Postfix conversion then calculate
Operators with higher precedence (*, /) should be output before lower ones (+, -)
Left parenthesis always pushed (lowest priority)
Right parenthesis triggers pop until left parenthesis is removed

○ Multiple Stacks in a Single Array

Implementing two or more stacks in one array improves memory efficiency.
Typically: Stack 1 grows from left, Stack 2 grows from right.

[Adult Learning Log] Data Structures – Week 2 Review

San Kang — Wed, 02 Jul 2025 03:04:04 +0000

○ Key Takeaways from Week 2

Learned the concept of arrays and array-based sequential lists.
Studied 1D/2D array declarations, initialization, sparse matrix representation, and transpose matrices.
Learned how strings are implemented and the role and danger of omitting the \0 null character.
Understood how arrays behave when passed as function arguments.
Covered structure definitions, declarations, operations, and nested structures.
Learned about pointers and dynamic memory allocation.

○ Sequential List

A list implemented using arrays.
An array is a collection of elements of the same data type.
Stored sequentially in memory, both logically and physically (addresses are also consecutive).
Offers fast access via index but can be slow for insert/delete operations.
Important to understand the abstract data type (ADT) concept of a list and how to implement it using arrays.
Later, this will be compared with linked lists (pointer-based).

○ 1D Array

A set of pairs. Accessing by index yields the corresponding value.
Declared as data_type array_name[size];
- int A[6];
- int A[6] = {1, 2, 3, 4, 5, 6};
- int A[] = {1, 2, 3, 4, 5, 6};
A holds the address of A[0].
Local variables in C are not auto-initialized to 0, so uninitialized values may contain garbage data.

○ 2D Array

Declared as data_type array_name[rows][columns];
- int A[2][3]; creates a 2x3 matrix.
Initialized like:
- int A[2][3] = {{1,2,3}, {4,5,6}};
- int A[2][3] = {1,2,3,4,5,6};
Sparse matrices save space but make operations more complex.
Represented as triplets: {row, column, value}
Transpose matrix: swaps rows and columns, useful when column-wise operations are needed.

○ Strings = Character Array + Null Terminator `\0`

Example: char S1[16] = "Hello World"; automatically adds \0 at the end.
Without \0, memory is read until a null byte is found—may cause garbage output or segmentation fault.
Use strcpy() or strcpy_s() to initialize character arrays safely.

○ Passing Arrays to Functions

C uses call-by-value, but arrays are passed by reference (by address).
Changes inside the function affect the original array.
Must also pass the size of the array explicitly.

○ Structure (struct) Basics

Combines different data types under one unit.
Must be defined before use.

typedef struct {
    int id;
    char name[20];
    double score;
} Student;

Student a = {202403156, "Hong Gil-dong", 96.3};
a.id = 242403156;
strcpy(a.name, "Hong Gil-dong");

Use . to access members.
strcpy() is needed for character arrays (strings).

○ Struct Operations and Nested Structures

Only assignment (=) is supported. Other operations like comparison (>) are not allowed.

typedef struct {
    int month;
    int date;
} Birthday;

typedef struct {
    char name[20];
    Birthday birthday;
} Friend;

Friend list[45];

○ Passing Structs to Functions

Passed by value (copied), so changes inside the function don’t affect the original.
Use pointers to modify original struct values.

○ Polynomial Representation

Practice in storing and manipulating structured data.
Store coefficients in arrays, usually in ascending order by degree:
- int coef[] = {7, 5, 2, 3}; → index 0 = constant, index 3 = highest degree term.
- Easier coding and readability when using index = degree.

○ Pointer Basics

A pointer holds the address of another variable.
Use * to access or modify the value being pointed to.
Use & to get a variable's address.
Arrays act like pointers in many contexts.

○ Dynamic Memory Allocation

Allocates memory at runtime, allows efficient use of memory.
malloc() is used to request memory from the heap.
Always free() the memory to avoid memory leaks.

int *pi;
pi = (int*)malloc(sizeof(int));
// use pi
free(pi);

[Adult Learning Log] C Language - Week 3 Review

San Kang — Thu, 26 Jun 2025 05:42:53 +0000

○ Key Takeaways from Week 3

Learned how to use sizeof to find out the memory size occupied by a variable or data type.
Understood the concepts of variables and constants, and the classification, size, and range of data types.
Learned about unsigned, signed type specifiers and how to use suffixes to specify data types for integer constants.
Studied symbolic constants and the differences between constants and variables.
Learned the concept of Underflow, which is the opposite of Overflow.

○ Review Highlights

Reviewed the concept of Overflow and the importance of selecting appropriate data types.
Revisited how negative numbers are represented in computers using Two's Complement.
Reviewed fixed-point vs. floating-point number representations.
Refreshed understanding of ASCII codes.

○ Data Types and Sizes: (1) Integer Types

short : 16-bit (2 bytes) → Range: -2^15 ~ 2^15 - 1
int : 32-bit (4 bytes) → Range: -2^31 ~ 2^31 - 1
long : 32-bit (4 bytes) → Range: -2^31 ~ 2^31 - 1
long long : 64-bit (8 bytes) → Range: -2^63 ~ 2^63 - 1

Why are there so many integer types in C?

Allows programmers to choose appropriate types based on use-case.
Increasing the bit size extends the range but consumes more memory.

○ Signed vs Unsigned

unsigned: Represents only non-negative values. No sign bit required.

→ For 32 bits: 0 ~ 2^32 - 1
signed: Includes both positive and negative values (usually default as int).

→ With 1 bit for sign, 31 bits remain for value: -2^31 ~ 2^31 - 1

○ Integer Constant Suffixes

u or U → unsigned (e.g., 123u)
l or L → long (e.g., 123L)
ul or UL → unsigned long (e.g., 123UL)

○ Overflow

Occurs when data exceeds the size limits of its data type.
Can lead to incorrect results or system behavior.
Happens when the sum requires more bits than available.
If the sign bit in the result differs from operands, overflow occurs.
Always choose data types with sufficient size to prevent overflow.

○ Symbolic Constants

Constants expressed using symbols (e.g., #define) for readability and maintainability.
Changing a value in one place instead of multiple occurrences makes code maintenance easier.

#define EXCHANGE_RATE 1120    // preferred
// #define EXCHANGE_RATE = 1120; → incorrect

Symbolic Constant vs Variable

#define is a preprocessor directive and is replaced before compilation.
It does not occupy memory or have a data type.
Variables are stored in memory and can be changed at runtime.
Think of symbolic constants as constant variables that don’t exist in memory.

○ Data Types and Sizes: (2) Floating Point Types

float: 32-bit (4 bytes) → Single precision, ~7 decimal digits
double: 64-bit (8 bytes) → Double precision, ~15~16 decimal digits
long double: 64-bit+ → Extended precision (compiler-dependent)

Fixed vs Floating Point

Fixed-point: Simple but limited for large numbers
Floating-point: Used in science/engineering for representing very large/small numbers

Floating-point Overflow & Underflow

Overflow: Too large to represent → often shows inf
Underflow: Too small to represent

Why decimal for float range but binary for int?

Integers stored in binary → binary ranges (2^n) are precise and meaningful.
Floats care about how many decimal digits can be represented accurately, so decimal notation is more informative.

○ Data Types and Sizes: (3) Character Type

char type stores characters using ASCII codes.

Control Characters

Non-printable characters used for control:
- \0 → null terminator (marks end of string)
- \a → bell (beep sound)
- \b → backspace
- \t → horizontal tab
- \n → newline
- \v → vertical tab
- \f → form feed
- \r → carriage return
- \", \', \\ → literal quote or backslash

`\0` Null Terminator

Marks end of a string in memory.
Strings in C are arrays of characters; they don't store length separately.
So \0 acts like a period to signify end of the string.

○ Practice Activities

Practice 1: `sizeof`

Use sizeof to display memory size for various data types and variables.

Practice 2: Currency Converter

Input USD amount → output converted KRW amount.
Use Symbolic Constant for exchange rate.

Practice 3: ASCII & Char Practice

Print numeric and character values using ASCII codes.

[Adult Learning Log] C Language - Week 2 Review

San Kang — Thu, 26 Jun 2025 03:26:54 +0000

[C Language Week 2] Comments, Preprocessor, Variables, and More

○ Key Takeaways from Week 2

Hands-on practice: Simple calculator, monthly salary calculator
Learned that most C programs define functions inside the main function
Learned three ways to write comments in C
Understood what a preprocessor is, why it’s used, and the meaning of directives like #include <stdio.h>
Learned the structure of functions and the significance of return values
Covered variable declarations, identifier naming rules, and standard data types
Practiced using printf(), scanf(), and scanf_s() functions

○ Typical Program Structure

Most programs follow this pattern: Input → Process → Output

○ Comments in C

C supports the following types of comments:

Single-line comment:

  /* This is a single-line comment */

Multi-line comment:

  /* This is a
     multi-line
     comment */

Since C99:

  // Comment from here to end of the line

○ Preprocessor

Preprocessing refers to tasks performed before compilation starts.

Example:

#include <stdio.h>

#include: directive to include external files
stdio.h: standard input/output header file
- stdio = Standard Input Output
- .h = Header file

This allows access to functions like scanf() and printf().

Why use header files?

Organize frequently used code (functions, constants, structures, etc.)
Reduce duplication, improve modularity and maintenance
Directives like #include allow reusable code blocks

Example 2:

#define _CRT_SECURE_NO_WARNINGS  // Used in Visual Studio to suppress scanf warnings

○ Structure of a Function

Example:

int main(void) {
    return 0;
}

int: return type (integer)
main: function name (entry point)
void: no input parameters
{ }: function body
return 0;: signals successful termination

return 0 = Success

return 1 or other values = Error or abnormal termination

○ Variables

Declaration:

int x;        // Declares integer variable x
float radius; // Declares float variable

Standard Data Types:

Integer types: short, int, long long
Floating-point types: float, double, long double
Character type: char (read as “character”)

Identifier Rules:

Must consist of letters, digits, and underscores (_)
Cannot contain spaces
First character must be a letter or _ (not a digit)
Case-sensitive
Cannot use reserved keywords (e.g., int, float)

Good names describe purpose: year, bank_account, BankAccount

Poor names: i, j, k (unclear meaning)

Initialization:

int x = 10;
int y = 20;
int sum = 0;

Multiple variables of the same type can be initialized in one line:

int width = 100, height = 200;  // Recommended
int width, height = 200;        // Not recommended (only height is initialized)

○ `printf()` and `scanf()`

`printf()` Example:

int x = 10;
printf("%d", x);  // %d = decimal integer

%d tells printf to print an integer in decimal format

`scanf()` Example:

float radius;
printf("Enter radius: ");
scanf("%f", &radius);

& (ampersand) passes the address of the variable so scanf() knows where to store the input

○ Omitting &radius (e.g., scanf("%f", radius);) will cause an error.

Use %lf to read a double value (lf = long float)

○ `scanf()` vs `scanf_s()` and Security

In Visual Studio, using scanf() often triggers a warning recommending scanf_s().

Why?

To prevent buffer overflow, which is a common vulnerability.

scanf() without input size limits can cause excessive input to overwrite memory
This can allow attackers to execute arbitrary code (a classic exploit)

This technique is known as pwnable hacking

Many systems (Windows, Adobe, UNIX tools) have been exploited in the past due to such vulnerabilities
scanf_s() is a Microsoft-specific secure function that forces the developer to specify buffer sizes
Not portable to Linux/GCC environments → safer alternatives like fgets() are often used

To disable the warning in Visual Studio:

#define _CRT_SECURE_NO_WARNINGS

○ Practice Exercises

Input two numbers and print the sum

Calculate monthly salary based on annual salary

[Adult Learning Log] Data Structures & Algorithms – Week 1 Review

San Kang — Mon, 16 Jun 2025 04:23:24 +0000

○ New Things I Learned

Learned why data structures and algorithms are crucial in computer science.

Understood the notations O, Ω, and Θ used for representing the order (number of operations required to solve a problem), and why Big-O notation is especially important.

Gained a clearer understanding of pseudo-code (or Pseudo-Code), and why logarithmic complexity such as log₂(n) is often used.

○ Why Are Data Structures and Algorithms Important?

Data structures and algorithms are essential in designing any software or program.

Data Structure: What structure should be used to store and manage the data? / Algorithm: How can we solve the problem efficiently?

Structuring data enables computers to apply algorithms efficiently. These structures are reusable across various programs (generality), and users can use them without knowing the internal implementation (abstraction).

A strong foundation in computer science (i.e., algorithmic thinking) is a must for becoming a competent developer in any field. It is especially important in hiring for entry-level positions, internships, and jobs at large or global companies that often include algorithm tests.

○ Algorithm Complexity Analysis

To write efficient algorithms, we must be able to analyze their complexity.

Although measuring execution time is intuitive, it’s not always practical. Instead, we use a concept called "order" that approximates the number of operations.

Big-O (O): Upper bound (worst-case performance) / Big-Omega (Ω): Lower bound (best-case performance) / Big-Theta (Θ): Tight bound (average-case performance)

In practice, Big-O is most commonly used because systems must be designed with the worst-case scenario in mind. Designing based on the best case is unrealistic.

○ What is Pseudo-Code?

Pseudo-code is a commonly used way to describe algorithms — it presents the core logic in a way that’s easy for humans to understand.

Although it can't be executed directly, it helps visualize the steps of an algorithm clearly. Once understood, it can easily be implemented in any programming language.

Since it is not bound to any specific syntax, there is no strict grammar. However, there are conventional styles that make it readable — you can think of it as the "body language" of the computer science world.

[Adult Learning Log] Network 1 – Week 1 Review

San Kang — Fri, 13 Jun 2025 01:05:10 +0000

○ New Things I Learned

I learned why IP addresses are divided into four parts (e.g., 0000.0000.0000.0000).

I understood the relationship between hostnames and IP addresses.

I finally understood what IPv4, IPv6, and DNS—terms often seen in router settings—actually mean.

○ IP Address

An IP address is an address system used by the IP protocol at the network layer to identify individual hosts.

It consists of 32 binary bits and is usually divided into four 8-bit sections, expressed in decimal format (e.g., 1111.1111.1111.1111).

This commonly used format is called IPv4, where “v4” stands for “version 4.”

However, with the rapid expansion of the Internet, a more scalable address system became necessary—this led to the development of IPv6.

IPv6 is composed of 128 bits, divided into eight 16-bit blocks. Each block is expressed as four-digit hexadecimal numbers (ranging from 0 to FFFF).

In most home networks and small websites, IPv4 is still more widely used. Therefore, both IPv4 and IPv6 are often used together in a configuration called Dual Stack.

○ Hostname

To connect to a specific host on the Internet, you need its IP address.
However, users prefer to use easily recognizable and meaningful text-based names instead of numeric IP addresses.

That’s why when a user enters a hostname, a DNS (Domain Name System) server translates it into the corresponding IP address.

A DNS structure is typically divided into four hierarchical levels: Country Domain, Organization Type, Organization Name, and Host, separated by dots (.).

Example:

www.google.co.kr

→ www (Host), google (Organization Name), co (Organization Type), kr (Country Domain)

Note: The term hostname can refer to the entire name (www.google.co.kr), or in a narrower sense, it may specifically refer to the host part (e.g., www for a web server).

[Write Up] Bandit Wargame Clear Log (Level 25 - 33)

San Kang — Tue, 10 Jun 2025 04:06:53 +0000

26. Bandit Level 25 → Level 26

Level Goal
Logging in to bandit26 from bandit25 should be fairly easy… The shell for user bandit26 is not /bin/bash, but something else. Find out what it is, how it works and how to break out of it.

NOTE: if you’re a Windows user and typically use Powershell to ssh into bandit: Powershell is known to cause issues with the intended solution to this level. You should use command prompt instead.

Commands you may need to solve this level
ssh, cat, more, vi, ls, id, pwd

How I solved it

I started by entering ls to check the files in the current directory.
I found the bandit26.sshkey file and used the cat command to view its contents.

It looked like a valid private key, so I ran ssh -i bandit26.sshkey bandit26@localhost -p 2220 to try logging into bandit26.
The bandit system asked me to confirm the connection, and I typed yes. Unfortunately, the connection closed immediately after.

To find out what shell bandit26 uses, I ran cat /etc/passwd | grep bandit26.
The result showed that the shell is a script called showtext.
I used the cat command to read it, and I found that it runs the more command.

The more command similar to cat, but it only displays one screen at a time.
I realized that if the bandit program can not shows full contents at once, the disconnection wouldn't be happen.
So I ran ssh -i bandit26.sshkey bandit26@localhost -p 2220 again and adjusted the terminal screen size much smaller than before. Then entered yes.

It worked! The connection was fine.
Next, I pressed v to enter vi editor mode. And then, I ran :set shell=/bin/bash to set the shell to bash.
After that, I entered :sh to open a shell temporarily without closing the vi editor.

Finally, I logged in Level 26, and got the password for Level 26 using `cat /etc/bandit_pass/bandit26'.

##Bandit Level 26 → Level 27

Level Goal
Good job getting a shell! Now hurry and grab the password for bandit27!

Commands you may need to solve this level
ls

How I solved it

I entered ls to check the files in the current directory.
I found the bandit27-do file and executed it to learn how I can use it.
The instruction indicated me that the file runs a command as another user.
So I executed the bandit27-do file with the id command.
The result showed me that the Efective User ID(euid) is bandit27. Efective User ID refers to the user ID that determines the permissions for a process or task.
Based on this, I executed ./bandit27-do cat /etc/bandit_pass/bandit27.
Finally, I successfully retrieved the password for the next level.

##Bandit Level 27 → Level 28

Level Goal
There is a git repository at ssh://bandit27-git@localhost/home/bandit27-git/repo via the port 2220. The password for the user bandit27-git is the same as for the user bandit27.

Clone the repository and find the password for the next level.

Commands you may need to solve this level
git

How I solved it

First of all, I ran man git to learn about the git command and its available options.
I found the clone command, which is used to clone a repository into a new directory.
Next, I created a working directory with mkdir /tmp/sank27 and moved into it using cd.

Then I entered git clone ssh://bandit27-git@localhost/home/bandit27-git/repo, but somthing was wrong---I got a "permission denied" error.

I wondered what I had missed, so I re-read the level instructions carefully.
Then I realized that I had forgotten to include the port number.
I corrected the command to git clone ssh://bandit27-git@localhost:2220/home/bandit27-git/repo. This time, the system asked for a password, so I entered the one for Level 27.
The cloning process completed successfully. I used ls to check the contents and then found a directory named repo.
I moved into it using cd and used ls again. There was a README file inside.
I read it using cat, and finally, I successfully obtained the password for the next level.

##Bandit Level 28 → Level 29

Level Goal
There is a git repository at ssh://bandit28-git@localhost/home/bandit28-git/repo via the port 2220. The password for the user bandit28-git is the same as for the user bandit28.

Clone the repository and find the password for the next level.

Commands you may need to solve this level
git

How I solved it

First, I created a working directory with mkdir /tmp/sank28 and moved into it using cd.
Then I ran git clone ssh://bandit28-git@localhost:2220/home/bandit28-git/repo, and entered the password for Level 28.

After the cloning process completed successfully. I used ls to check the contents and then found a directory named repo.
I moved into it using cd and ran ls again. There was a file named README.md, and I read it using cat.
It seemed like the file had included the password for the next level before someone edited it.
So I used the git log command to check the commit history of the file. And then I noticed that the latest commit was made to fix an information leak.

So I checked out the previous commit using git checkout command, and then re-read the README.md file with cat.
Finally, I successfully obtained the password for the next level.

##Bandit Level 29 → Level 30

Level Goal
There is a git repository at ssh://bandit29-git@localhost/home/bandit29-git/repo via the port 2220. The password for the user bandit29-git is the same as for the user bandit29.

Clone the repository and find the password for the next level.

Commands you may need to solve this level
git

How I solved it

First, I created a working directory with mkdir /tmp/sank29 and moved into it using cd.
Then I ran git clone ssh://bandit29-git@localhost:2220/home/bandit29-git/repo, and entered the password for Level 29.

After the cloning process completed successfully. I used ls to check the contents and then found a directory named repo.
I moved into it using cd and ran ls again. There was a file named README.md, and I read it using cat.
It seemed like the file had included the password for the next level before someone edited it.
I used the git log command to check the commit history of the file, but I couldn't find any useful clues.

So I ran man git to learn about the git command, its subcommands, and options.
I came across the branch command. It looked useful, but I was not sure how to use it.
So I ran git branch -h, which showed usage examples and general options. Then I used thegit branch -a to list all branches, and discovered a branch named dev`.

I guessed that developers might have stored the password, so I checked out the dev branch.
After switching, I ran ls and re-read the README.md file using cat. I successfully found the password for the next level.

##Bandit Level 30 → Level 31

Level Goal
There is a git repository at ssh://bandit30-git@localhost/home/bandit30-git/repo via the port 2220. The password for the user bandit30-git is the same as for the user bandit30.

Clone the repository and find the password for the next level.

Commands you may need to solve this level
git

How I solved it

First, I created a working directory with mkdir /tmp/sank30 and moved into it using cd.
Then I ran git clone ssh://bandit30-git@localhost:2220/home/bandit30-git/repo, and entered the password for current level.

After the cloning process completed successfully. I used ls to check the contents and then found a directory named repo.
I moved into it using cd and ran ls again. There was a file named README.md, and I read it using cat, but I couldn't find useful message.
Next, I used the git log command to check the commit history of the file, but couldn't find any useful clues.
I also ran git branch, but still I couldn't get any clues.
So I ran man git to learn about the git command, its subcommands, and options.

I came across the tag command. It looked useful, so I ran git tag to check if git tags existed.

As a result, I found a tag named secret. I wanted to read it, but the cat command didn't work for tag.

So I ran man git again, and found out the show command. I thought that it might work.
I ran git show secret, and it worked! Finally, I successfully obtained the password for the next level.

##Bandit Level 31 → Level 32

Level Goal
There is a git repository at ssh://bandit31-git@localhost/home/bandit31-git/repo via the port 2220. The password for the user bandit31-git is the same as for the user bandit31.

Clone the repository and find the password for the next level.

Commands you may need to solve this level
git

How I solved it

First, I created a working directory by running mkdir /tmp/sank31, then I moved into it.
Next, I cloned the repository using: git clone ssh://bandit31-git@localhost:2220/home/bandit31-git/repo.
After the cloning process completed, I ran ls and found a directory named repo.
I moved into repo using cd, and used ls again.

There was a file named README.md, and I read it using cat.
The file instructed me: "This time your task is to push a file to the remote repository", with details.
So, I created a file using vi, intending to name it key.txt , but I accidentally named it key.ext.

So I crrected name of the file using mv.
I already knew the steps for pushing a file to a remote git repository.
1. git add
2. git commit
3. git psuh
I first tried git add key.txt, but it didn't work. The system told me to use -f opition.
So I corrected the command gat add -f key.txt. This time, it worked.
Then I entered git commit -m "upload key.txt. It means that make a memo about "upload key.txt" for commit.
After the commit process completed, I pushed it running git push origin master. The origin in my command is a nickname for a remote repository---usually created automatically when you clone a repository.
The system prompted me for a password, so I entered the one for Level 31, and then it gave me the password for the next level.
Finally I could successfully log in for Level 32.

##Bandit Level 32 → Level 33

Level Goal
After all this git stuff, it’s time for another escape. Good luck!

Commands you may need to solve this level
sh, man

How I solved it

When I logged into bandit32, I was greeted withe the message: "WELCOME TO THE UPPERCASE SHELL".
I quickly noticed that I couldn't typed command properly---every command I entered was automatically converted to uppercase, which made them invalid in a Linux shell.
I suspected that a custom shell script was being used for this level, one that forces all input to uppercase.
If that was the case, it's likely had a shebang(#!) at the top, specifying which shell to use.
To bypass the uppercase behavior, I ran $0, which refers to the current shell script or program, and it worked.
It launched the real shell sh without the uppercase transformation.
Finally, I successfully obtained the passowordf for the next level by using cat /etc/bandit_pass/bandit33.

That's it! --- all levels of the OverTheWire Bandit Wargame completed!
I'll be takling more wargames soon, so stay tuned.
Thank you for following along!

[Write Up] Bandit Wargame Clear Log (Level 20 - 25)

San Kang — Thu, 05 Jun 2025 12:53:11 +0000

OverTheWire Bandit Wargame Level 10–20: My Step-by-Step Solutions

This is the second review about Over the wire : Bandit wargames.
While I studying python3, I explored various area of IT and became interested in cybersecurity.
Then I found the Bandit wargames and totally got hooked.
Starting today, I'll write down how I cleared each level of the wargames. This will be a way for me to improve both computer skills and English writing skills.
Please let me know if I use any awkward expressions or provide incorrect information.

If you need more details about Bandit wargames, please check this link : http://www.overthewire.org/wargames

21. Bandit Level 20 → Level 21

Level Goal
There is a setuid binary in the homedirectory that does the following: it makes a connection to localhost on the port you specify as a commandline argument. It then reads a line of text from the connection and compares it to the password in the previous level (bandit20). If the password is correct, it will transmit the password for the next level (bandit21).

NOTE: Try connecting to your own network daemon to see if it works as you think

Commands you may need to solve this level
ssh, nc, cat, bash, screen, tmux, Unix ‘job control’ (bg, fg, jobs, &, CTRL-Z, …)

How I solved it

I used ls first to find a setuid binary, and I found the suconnect file.
Next, I excuted ./suconnect to see how to use it.

After that, I opened another terminal emulator and logged into the bandit20 account again.(At first, I made a mistake by not logging into thebandit20 account)
In the second terminal, I ran nc -nlvp 12345 and entered current level's password when prompted.
The -nlvp option is a combination of four options: -n means "Do not resolce DNS(use raw IP)", -l put Netcat in listen mode, -v enables verbose ouput, and -p specifies the port number.

Back in the first terminal, I ran ./suconnect 12345, which connected to the Netcat server and sent the password for the next level.

As a result, I received the password for level 20 in the second terinal and I used it to log in successfully.

22. Bandit Level 21 → Level 22

Level Goal
A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed.

Commands you may need to solve this level
cron, crontab, crontab(5) (use “man 5 crontab” to access this)

How I solved it

I started by using the ls command to check the files in current directory, but there was nothing there.
Next, I moved into the /etc/cron.d directory using the cd command.
Then I ran ls -l to view the files in the directory along with their permissions.
I found a file named cronjob_bandit22, and I read it using the cat command.
The file indicated that when the cron job runs, it execute a script called cronjob_bandit22.sh.
So I used cat again to read the cronjob_bandit22.sh file.
From the script, I learned that it write the password for the next level to a specific file: /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv.
So I ran cat /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv to read the password.
As a result, I got the password for level 22, so I successfully logged into the next level.

23. Bandit Level 22 → Level 23

Level Goal
A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed.

NOTE: Looking at shell scripts written by other people is a very useful skill. The script for this level is intentionally made easy to read. If you are having problems understanding what it does, try executing it to see the debug information it prints.

Commands you may need to solve this level
cron, crontab, crontab(5) (use “man 5 crontab” to access this)

How I solved it

I ran cd /etc/cron.d and used ls to check th files in the current directory.
Then I entered cat cronjob_bandit23 to read the file. It indicated that a cronjub runs a script called cronjob_bandit23.sh.
So I used cat again to read the 'cronjob_bandit23.sh` file.
From the script, I learned that it copy the file to a sepcific path using the current user's name.

I copied the code in the script and created a new file named key23.sh using the vi command.
I replaced $(whoami) with bandit23 in the script to make it work manually.

After saving the file, I changed it's permissions to 777 using chmod, and then executed it.
The password for 23 level was copied to /tmp/8ca319486bfbbc3663ea0fbe813263491.
Finally, I ran cat /tmp/8ca319486bfbbc3663ea0fbe81326349 to read the password.
As a result, I got the password for level 23.

24. Bandit Level 23 → Level 24 (I spent so much time in this level!!)

Level Goal
A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed.

NOTE: This level requires you to create your own first shell-script. This is a very big step and you should be proud of yourself when you beat this level!

NOTE 2: Keep in mind that your shell script is removed once executed, so you may want to keep a copy around…

Commands you may need to solve this level
chmod, cron, crontab, crontab(5) (use “man 5 crontab” to access this)

How I solved it

I ran cd /etc/cron.d and used the ls command to check the files in the current directory.
I found a file named cronjob_bandit24, so I entered cat cronjob_bandit24 to read it.
The file indicated that a cronjob excutes a script called cronjob_bandit24.sh.
By the way, the ***** format represents the cron schedule: miniute, hour, day of month, month, day of week, respectively.
I used cat again to read the 'cronjob_bandit24.shfile. From the script, I learn that it executes and deletes all files in a specific specific directory---in this case,/var/spool/bandit24/foo`.

I moved into /var/stool/bandit24/foo derectory using cd and I tried to use the ls command, but I couldn't, because I had no permission.
Because I wanted to creat a shell-script, I used the echo command, which immediately wries a string to a file: echo "cat /etc/bandit_pass/bandit24 > /tmp/passwd24" > sank24.sh
(I could have used the vi command as before, but I choose echo this time because it was simpler.)
Then, I and changed permissions of sank24.sh to 777 using chmod, so the cronjob could execute it.
I confirmed the permission using ls -l, then waited. Eventually, sank24.sh was deleted by the cronjob, and passwd24 appeared int the /tmp directory.
Finally, the passwd24 file was appeared, and I successfully got the password for the next level by reading it.

25. Bandit Level 24 → Level 25

Level Goal
A daemon is listening on port 30002 and will give you the password for bandit25 if given the password for bandit24 and a secret numeric 4-digit pincode. There is no way to retrieve the pincode except by going through all of the 10000 combinations, called brute-forcing.
You do not need to create new connections each time

How I solved it

It was obvious that I had to write code that automatically submits this level's password along with all possible 4-digit pincodes.
So, I ran mkdir /tmp/sank25 to make a working directory, and moved into it.
Since Python3 was the most familiar programing language to me, I decided to use it. I checked the path of python3 using which python3. Then I create a Python script namedauto.py` with the following content:

!/usr/bin/python3

for i in range(10000):
a = "gb8KRRCsshuZXI0tUuR6ypOFjiZbf3G8 "
b = f"{i:04d}"
print(a+b)

After saving the file, I tried to excute it, but Oops! I got a "permission denied" error.
So, I changed permissions of the auto.py script using chmod. Then tried again.
The code worked! So I ran ./auto.py | nc localhost 30002 to find the password for the next level.
My command worked successfully, so got the password.

Then I realized that using grep would help filter the output more clearly.
So I entered ./auto.py | nc localhost 30002 and add grep -v with | symbol. The -v option means invert match, so it helps to select nonmatching lines.
That was how I retrieved the password for the next level. I then used it to log into Level 25.

I’m continuing with higher levels, and I’ll post my solutions step by step.
If you find this helpful or want to follow along, feel free to leave a comment!

[Write Up] Bandit Wargame Clear Log (Level 10 - 20)

San Kang — Fri, 30 May 2025 04:47:56 +0000

OverTheWire Bandit Wargame Level 10–20: My Step-by-Step Solutions

This is the second review about Over the wire : Bandit wargames.
While I studying python3, I explored various area of IT and became interested in cybersecurity.
Then I found the Bandit wargames and totally got hooked.
Starting today, I'll write down how I cleared each level of the wargames. This will be a way for me to improve both computer skills and English writing skills.
Please let me know if I use any awkward expressions or provide incorrect information.

If you need more details about Bandit wargames, please check this link : http://www.overthewire.org/wargames

11. Bandit Level 10 → Level 11

Level Goal
The password for the next level is stored in the file data.txt, which contains base64 encoded data

Commands you may need to solve this level
grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd

Helpful Reading Material
Base64 on Wikipedia

How I soved it

I entered the ls command first, and then I found the data.txt file which contained base64 encoded data.
So I decoded it using the base64 command with the -d option, which stands for decode.
After I added data.txt, I pressed the Enter key. Then the password popped up, so I logged into level 11.

12. Bandit Level 11 → Level 12

Level Goal
The password for the next level is stored in the file data.txt, where all lowercase (a-z) and uppercase (A-Z) letters have been rotated by 13 positions

Commands you may need to solve this level
grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd

Helpful Reading Material
Rot13 on Wikipedia

How I soved it

I started by entering ls to check the files in the current directory and I found the data.txt file.
I tried to read it using cat, but the contents were unreadable. To understand it, I needed to decode the letters.
So I used the tr command which helps translate or delete characters.
I used the arguments '[A-Za-z]' and '[N-ZA-Mn-za-m]' to define the ROT13 transformation, conbined with the '|' symbol to pipe the contets form cat.
As a result, I found the password for the next level.

13. Bandit Level 12 → Level 13

Level Goal
The password for the next level is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it may be useful to create a directory under /tmp in which you can work. Use mkdir with a hard to guess directory name. Or better, use the command “mktemp -d”. Then copy the datafile using cp, and rename it using mv (read the manpages!)

Commands you may need to solve this level
grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd, mkdir, cp, mv, file

Helpful Reading Material
Hex dump on Wikipedia

How I soved it

I found the data.txt file using the ls command. After that, I made the sank12 directory in the temp directory to solve this game more easier.
Then I copied the data.txt file using the cp command into the sank12 directory.
I moved into the sank12 directory using the cd command, and then I typed ls to find the data.txt file.
Next, I entered the xxd command with the -r option to decode the data.txt file. But it was unreadable.
So I added the > symbol and a new file name -- in this case, bandit12 to save the result.
I checked the files in the current directory using ls. The bandit12 file apeared.
I needed to know what the bandit12 file type is. So I used the file command to check and then I knew it was gzip.

Before I decoded it, I had to change the file extension to gz. So I entered mv bandit12 bandit12.gz, which means "I want to move the bandit file to the bandit.gz file.
Then I decoded the bandit.gz file using the gunzip command. After that, I entered ls again and I found the bandit file.
I used the file command again, so I could catch that the bandit12file was compressed by bzip2.
I changed the bandit12 file to bandit12.bz2, and I decoded it using the bzip2 command with the -d option.
And then, I entered the ls command again. I found the bandit12 file, so I used the file command again to know what the bandit12file type is. It was gzip, so I decoded it using thegunzipcommand. And then, thebandit12file apeared. I checked the type of thebandit12file using thefilecommand. It was thetar. I enteredmv bandit12 bandit12.tar, and then I typedtar -xf bandit12.tarto decode thebandit12file. After that, I enteredlsto check the files in the current directory. And I found thedata5.binfile. I used thefilecommand, so I knew the typed of thedata5.bin` file was tar.

I entered mv data5.bin data5.tar. Then I typed tar -xf data5.tar. After that I used the ls command.
I found the data6.bin file. I used the file command to check the type of the file and then I knew it was tar.
I entered mv data6.bin data5.tar. Then I typed tar -xf data6.tar. After that I used the ls command.
I found the data8.bin file. When I checked it using the file command, it was gzip.
So I changed the file name to data8gz, and then I tried to decode it using the gunzip command.
As a result, the data8 file apeared. It was the ASCII text file.
So I used the cat command to read the file and finally I found the password for the next level.

14. Bandit Level 13 → Level 14

Level Goal
The password for the next level is stored in /etc/bandit_pass/bandit14 and can only be read by user bandit14. For this level, you don’t get the next password, but you get a private SSH key that can be used to log into the next level. Note: localhost is a hostname that refers to the machine you are working on

Commands you may need to solve this level
ssh, telnet, nc, openssl, s_client, nmap

Helpful Reading Material
SSH/OpenSSH/Keys

How I solved it

First of all, I entered the id command to check my current user ID. It's bandit13.
So it was clear that I could not read the bandit14 file.##13. Bandit Level 13 → Level 14

Commands you may need to solve this level
ssh, telnet, nc, openssl, s_client, nmap

Helpful Reading Material
SSH/OpenSSH/Keys

How I solved it

First of all, I entered the id command to check my current user ID which was bandit13.
So it was clear that I could not read the bandit14 file directly.
I used the ls command to check the files in the current directory and found the sshkey.private file.
Next, I used the man command with ssh to find an option that aloows using a private key.
I found that the -i option let me specify the identity file for public key authentication.
So I entered the ssh command with the -i sshkey.private option.
Then, I added bandit14@locahost -p 2220 that the address which I wanted to logged in.
The bandit system asked me to continue, and I entered yes. Finally I logged into bandit14.

**15. Bandit Level 14 → Level 15

Level Goal
The password for the next level can be retrieved by submitting the password of the current level to port 30000 on localhost.

Commands you may need to solve this level
ssh, telnet, nc, openssl, s_client, nmap

Helpful Reading Material
How the Internet works in 5 minutes (YouTube) (Not completely accurate, but good enough for beginners)
IP Addresses
IP Address on Wikipedia
Localhost on Wikipedia
Ports
Port (computer networking) on Wikipedia

How I solved it

I started by entering cat /etc/bandit_pass/bandit14 to find the current password.
After I found the password, I used the nc command. The nc command stands for netcat, which is short for network and the cat command.
Then I add the localhost IP address(127.0.0.1) and port number(30000), and I pressed the Enter key.
Then I entered the current level password. As a result, I got the password for the next level.

16. Bandit Level 15 → Level 16

Level Goal
The password for the next level can be retrieved by submitting the password of the current level to port 30001 on localhost using SSL/TLS encryption.

Helpful note: Getting “DONE”, “RENEGOTIATING” or “KEYUPDATE”? Read the “CONNECTED COMMANDS” section in the manpage.

Commands you may need to solve this level
ssh, telnet, nc, ncat, socat, openssl, s_client, nmap, netstat, ss

Helpful Reading Material
Secure Socket Layer/Transport Layer Security on Wikipedia
OpenSSL Cookbook - Testing with OpenSSL

How I solved it

First of all, I entered cat /etc/bandit_pass/bandit15 to find the current level's password.
Next, I ran the openssl command with the s_client subcommand(I made many mistakes here at first---I kept using -s_client, but you should not use the dash. It's a subcommand, not an option.)
The s_client subcommand helps you connect directly to an SSL/TLS serever.
Then I added the -connect option with the address localhost:30001 and pressed Enter`.
Once connected, I pasted the current level's password. As a result, I got the password for the next level.

17. Bandit Level 16 → Level 17

Level Goal
The credentials for the next level can be retrieved by submitting the password of the current level to a port on localhost in the range 31000 to 32000. First find out which of these ports have a server listening on them. Then find out which of those speak SSL/TLS and which don’t. There is only 1 server that will give the next credentials, the others will simply send back to you whatever you send to it.

Helpful note: Getting “DONE”, “RENEGOTIATING” or “KEYUPDATE”? Read the “CONNECTED COMMANDS” section in the manpage.

Commands you may need to solve this level
ssh, telnet, nc, ncat, socat, openssl, s_client, nmap, netstat, ss

Helpful Reading Material
Port scanner on Wikipedia

How I solved it

I started by entering cat /etc/bandit_pass/bandit16 to find the password for the current level.
Next, I entered the nc command with the -r -w 1 -z option.
The -r option makes to scan ports in a random order instead of sequentially. It helps you avoid detection by intrusion detection systems(IDS) by making scan patterns unpredictable.
The -w 1 option sets limits the connection attimpt timeout to 1 second. This option helps you speed up scans and avoid hanging on unresponsive ports.
The -z option means to check connection without sending or receicing any data. If you want to check only the ports are opened or not, this option will be help.
As a result, I found five opended ports, so I tried to find out which of those speak SSL/TLS one by one.

I tried port 31046 first by using openssl s_client -connect localhost:31046, but it didn't support SSL/TLS.

So I moved on to the next one: I entered openssl s_client -connect localhost:31790, and it worked!
Once connected, I pasted the current level's password. However, it only reurned a single message---KEYUPDATE, and nothing else.

That felt suspicious because the wargame description stated: "There is only 1 server that will give the next credentials, the others will simply send back to you whatever you send to it."
So I retried the same command, but dhis time I added the -ign_eof option, which allows you to keep reading input even after the server disconnects.
I ran the command again and pasted the current level's password. This time, the server responded with an RSA private key.
I saved the key as key16 inside the /tmp/sank16 directory.
Then I tried to log in to the next level using the command: ssh -i key16 bandit17@localhost -p 2220.

But I was denied., because permissions on the key16 file were too open.
I checked the file permissions using ls -l key16 and then fixed it with chmod 700 key16.
After that, I retried the SSH login---and it worked!

18. Bandit Level 17 → Level 18

Level Goal
There are 2 files in the homedirectory: passwords.old and passwords.new. The password for the next level is in passwords.new and is the only line that has been changed between passwords.old and passwords.new

NOTE: if you have solved this level and see ‘Byebye!’ when trying to log into bandit18, this is related to the next level, bandit19

Commands you may need to solve this level
cat, grep, ls, diff

How I solved it

I started by entering ls to check the files in the current directory, and I found two files: passwords.new and password.old.
I used the diff command to check the difference with those two files. I entered diff passwords.new passwords.old.
As a result, I found the password for the next level. So I logged into level 18.

19. Bandit Level 18 → Level 19

Level Goal
The password for the next level is stored in a file readme in the homedirectory. Unfortunately, someone has modified .bashrc to log you out when you log in with SSH.

Commands you may need to solve this level
ssh, ls, cat

How I solved it

The wargame discripion stated: "Someone has modified .bashrc to log you out when you log in with SSH."
.bashrc is a user-level script that runs automatically when a bash shell is started, so I needed to bypass or avoid it.
To do that, I entered ssh bandit18@bandit.labs.overthewire.org -p 2220 /bin/sh, which starts a sh shell instead of bash.
I succefully logged into level 18, then I used the ls command and found the readme file.
Finally I ran cat readme and got the password for the next level.

20. Bandit Level 19 → Level 20

Level Goal
To gain access to the next level, you should use the setuid binary in the homedirectory. Execute it without arguments to find out how to use it. The password for this level can be found in the usual place (/etc/bandit_pass), after you have used the setuid binary.

Helpful Reading Material
setuid on Wikipedia

How I solved it

I started by entering ls to check the files in the current directory.
I found the bandit20-do file and executed it to see how to use it.
The file allows me to run a command as another user---in this case, bandit20.
So I ran ./bandit20-do cat etc/bandit_pass/bandit20 and got the passoword for level 20.

I’m continuing with higher levels, and I’ll post my solutions step by step.
If you find this helpful or want to follow along, feel free to leave a comment!

[Write Up] Bandit Wargame Clear Log (Level 0 - 10)

San Kang — Mon, 26 May 2025 06:32:13 +0000

OverTheWire Bandit Wargame Level 0–10: My Step-by-Step Solutions

This is the first review about Over the wire : Bandit wargames.
While I studying python3, I explored various area of IT and became interested in cybersecurity.
Then I found the Bandit wargames and totally got hooked.
Starting today, I'll write down how I cleared each level of the wargames. This will be a way for me to improve both computer skills and English writing skills.
Please let me know if I use any awkward expressions or provide incorrect information.

If you need more details about Bandit wargames, please check this link : http://www.overthewire.org/wargames

0. Bandit Level 0

Level Goal
The goal of this level is for you to log into the game using SSH. The host to which you need to connect is bandit.labs.overthewire.org, on port 2220. The username is bandit0 and the password is bandit0. Once logged in, go to the Level 1 page to find out how to beat Level 1.

Commands you may need to solve this level
ssh

Helpful Reading Material
Secure Shell (SSH) on Wikipedia
How to use SSH on wikiHow

How I solved it

The task was to log into the game using SSH, so I started by typing ssh.
Then I entered bandit0@bandit.labs.overthewire.org, which includes the username and server address.
After that, I added the '-p 2220' option. -p specifies the port, and 2220 is the port number provided by the Bandit wargames site.
The password to log in is 'bandit0' provided by the Bandit wargames site.

1. Bandit Level 0 → Level 1

Level Goal
The password for the next level is stored in a file called readme located in the home directory. Use this password to log into bandit1 using SSH. Whenever you find a password for a level, use SSH (on port 2220) to log into that level and continue the game.

Commands you may need to solve this level
ls , cd , cat , file , du , find

TIP: Create a file for notes and passwords on your local machine!

Passwords for levels are not saved automatically. If you do not save them yourself, you will need to start over from bandit0.

Passwords also occasionally change. It is recommended to take notes on how to solve each challenge. As levels get more challenging, detailed notes are useful to return to where you left off, reference for later problems, or help others after you’ve completed the challenge.

How I solved it

~ means the home directroy. So I knew current directory was home directory.
I entered ls first to check the list of files in the current directory.
I found the readme file, so I typed cat readme to read it.
The password for next level appeared. After I coppying it, I entered exit to logout.
Using the password, I logged into the next level with ssh bandit1@bandit.labs.overthewire.org -p 2220.

2. Bandit Level 1 → Level 2

Level Goal
The password for the next level is stored in a file called - located in the home directory

Commands you may need to solve this level
ls , cd , cat , file , du , find

Helpful Reading Material
Google Search for “dashed filename”
Advanced Bash-scripting Guide - Chapter 3 - Special Characters

How I solved it

~ showed me that the current directory was the home directory.
I entered ls to check the list of files in the home directory.
There was a file named -. But if I just typed cat -, I couldn't read the file because - usually means "use standard input" or "use options". My computer couldn't probably didn't recognize that - was the actual file name.
So I use the full path like cat ./- to make it clear that - was a file.
After I got the password for the next level, I logged out and logged into level2.

3. Bandit Level 2 → Level 3

Level Goal
The password for the next level is stored in a file called spaces in this filename located in the home directory

Commands you may need to solve this level
ls , cd , cat , file , du , find

Helpful Reading Material
Google Search for “spaces in filename”

How I solved it

~ showed me that the current directory was the home directory.
I entered 'ls' to check the list of files in the home directory, and I found a file named spaces in this filename.
If I had just typed "cat spaces in this filename", my computer probably wouldn't have recognized it as a single file name, because it wouldn't understand that the spaces were part of the name.
So I had to make it clear that "spaces in this filename" was a single filename. I had two options.
First, I could use "". If I typed "" like cat "spaces in this filename", the computer would recognize it correctly.
Or, I could use \ like cat spaces\ in\ this\ filename. That also works.
I usually choose second method because it's more convenient when using Tab. The Tab key has an autocomplete function, so try it!
After I got the password for the next level, I logged out and logged into level3.

4. Bandit Level 3 → Level 4

Level Goal
The password for the next level is stored in a hidden file in the inhere directory.

Commands you may need to solve this level
ls , cd , cat , file , du , find

How I solved it

I started by entering ls to find the inhere directory.
After I found the inhere directory, I typed cd inhere to enter in.
Then I used ls -a. The -a option means "all", so it helps to show hidden files.
I found the ...Hiding-From-You file, and opened it using the cat command.
I got the password for the next level, so I logged into level 4.

5. Bandit Level 4 → Level 5

Level Goal
The password for the next level is stored in the only human-readable file in the inhere directory. Tip: if your terminal is messed up, try the “reset” command.

Commands you may need to solve this level
ls , cd , cat , file , du , find

How I solved it

I started by typing ls to find the inhere directory.
After I entered the inhere directory, I tried the ls command again to check the files in the current directory.
There were eight files, and I wanted to check all of them conveniently, so I used the file command to determine what kind of data each file contained.
I also used the ./* as the argument. ./ refers to the current directory, and the * means "all files".
As a result, I found that -file07 contained ASCII text.
I got the password using the cat command, then I logged into level 5.

6. Bandit Level 5 → Level 6

Level Goal
The password for the next level is stored in a file somewhere under the inhere directory and has all of the following properties:

human-readable
1033 bytes in size
not executable

Commands you may need to solve this level
ls , cd , cat , file , du , find

How I solved it

I started by entering ls to find the inhere directory, and then moved into it.
Next, I typed ls again to see what was inside. There were nineteen subdirectories.
Should I check each directory one by one? No way!
So I used the find command, which helps locate files based on certain criteria.
I entered -type f to search only for regular files.
Then I added -size 1033c, where c stands for bytes.
Finally, I included ! -excutable. The ! negates the condition, meaning the file should not be executable. Then I pressed the Enter key.
Only one file matched all the conditions. I read that file using cat and found password for the next level.

7. Bandit Level 6 → Level 7

Level Goal
The password for the next level is stored somewhere on the server and has all of the following properties:

owned by user bandit7
owned by group bandit6
33 bytes in size

Commands you may need to solve this level
ls , cd , cat , file , du , find , grep

How I solved it

First of all, I moved into root directory using cd /, because I didn't know where the password file was.
Then I used the find command, which helps locate files based on specific criteria.
I added -user bandit7 and -group bandit6 to search for files owned by user bandit7 and group bandit6.
Next, I included -size 33c, wherecstands for bytes. Then I pressed theEnterkey. I got the result, however, there were too many lines to read. So I added2> /dev/nullwhich dicards error massage automatically. Only one file poped up. I read the file usingcat` and found password for the next level.

8. Bandit Level 7 → Level 8

Level Goal
The password for the next level is stored in the file data.txt next to the word millionth

Commands you may need to solve this level
man, grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd

How I solved it

First, I typed the ls command to find the data.txt file, and then tried to read it using cat.
There were too much text in the file, so I a needed more efficient method.
I knew two options to solve this problem : using the vi command or the grep command.
If you enter vi data.txt, the data.txt file will be opened in the visual editor program. And then you can use the / command to search for a word - in this case, millionth.
But I prefer using the grep command, whcih helps locate a specific word.
So I entered cat data.txt | grep millionth. The | sympol is called a pipe - it sends the result to the next command.
As a result, the word millionth and the password popped up. I copied it and then logged into level 8.

9. Bandit Level 8 → Level 9

Level Goal
The password for the next level is stored in the file data.txt and is the only line of text that occurs only once

Commands you may need to solve this level
grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd

Helpful Reading Material
Piping and Redirection

How I solved it

I first found the data.txt file using the ls command. Then, I tried to read it using cat, but it contained too many lines to easily find the password.
So I used sort data.txt to sort the lines alphabetically, but it was still too difficult to locate the password.
That's why I used the uniq command with the -u option, conbined with the |(pipe) symbol. This combination helps extract the only line of text that appears exactly once.
As a result, I got the password for the next level.

10. Bandit Level 9 → Level 10

Level Goal
The password for the next level is stored in the file data.txt in one of the few human-readable strings, preceded by several ‘=’ characters.

Commands you may need to solve this level
grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd

How I solved it

First, I found the data.txt file using the ls command. Then, I tried to read it using cat, but it was unreadable because it contained not only text but also binary data.
So I used the strings command in combination with grep. The strings command extracts only human-readable text from binary files.
As a result, I found the password for the level 10.

I’m continuing with higher levels, and I’ll post my solutions step by step.
If you find this helpful or want to follow along, feel free to leave a comment!

🧙‍♂️ Mini Project 2 - RPG Simulator v1.0 (with Python) 🎮

San Kang — Thu, 08 May 2025 15:25:14 +0000

This mini project is a simple text-based RPG battle simulator built using Python.

It was created as part of my learning journey after completing the SoloLearn Python course, with lots of help and code review from ChatGPT.

I'm excited to announce that version 1.0 is complete!

✅ Features Implemented in v1.0

Battle Mode Selection: Easy (vs. Fox) / Hard (vs. Dragon)
Character Selection: Knight / Wizard
Each character and enemy has unique stats (str, int, HP, MP)
In-battle actions:
- Attack: based on strength, no MP cost
- Spell: based on intelligence, costs 10 MP
MP check before casting spells
End of battle is determined by HP reaching 0
If the enemy is defeated by your attack, it won't counterattack

🐉 Feature Planned: Smarter Dragon AI (Hard Mode)

In the next update, I plan to improve the Dragon’s behavior:

Each turn, the Dragon will randomly choose to either:
- Perform an attack or
- Cast a spell (only if it has enough MP)

I'll use random.choice() and basic conditionals to implement this logic.

🔧 Refactoring Plan (Next Steps)

Encapsulate Battle Logic in a Function
- Currently, the combat code for each character is repeated
- Planning to extract it into a function like battle(player, enemy)
Unified Data Structures
- Merge individual variables like HP and MP into a single dictionary per character
- Include calculated values like attack and spell damage
Clean End-of-Battle Logic
- Refactor win/lose/draw messages for better readability
- Handle draw cases more explicitly

💬 Reflections

Even though this project is small, I learned a lot—from managing loops and conditionals to designing a basic game flow.

More importantly, I'm now thinking not just about what works, but how to structure code better.

It’s super rewarding to see how even text-based games can grow step by step!

Stay tuned for version 1.1, where the Dragon gets... smarter 😈

📌 GitHub Repo: 🔗 sankworks/rpg-simulator

Python #MiniProject #TextBasedGame #RPG #SoloLearn #ChatGPT

DEV Community: San Kang

[Adult Learning Log] C Language – Week 4 Review

○ Key Learning Points from Week 4

○ Expression (Formula)

○ Arithmetic Operators (Basic Arithmetic): +, -, *, /, %

○ Increment/Decrement Operators

○ Assignment Operators

○ Compound Assignment Operators

○ Relational Operators: ==, !=, >, <, >=, <=

○ Logical Operators: &&, ||, !

○ Ternary Operator (Conditional Operator)

○ Comma Operator

○ Bitwise Operators: &, |, ^, <<, >>, ~

○ Type Conversion & Operator Precedence

Type Conversion (Casting)

Explicit Casting

Operator Precedence

○ Practice

[Adult Learning Log] Data Structures – Week 3 Review

○ Key Takeaways from Week 3

○ Stack: Last-In First-Out (LIFO) Structure

Abstract Data Type (ADT) for Stack

Common Operations:

Common Use Cases:

○ Dynamically Linked Stack

Example Usage (C):

○ Stack Size and Print (Linked List Version)

size() Example:

print_stack():

○ Expression Evaluation and Notation Conversion

Expression Handling via Stack:

○ Multiple Stacks in a Single Array

[Adult Learning Log] Data Structures – Week 2 Review

○ Key Takeaways from Week 2

○ Sequential List

○ 1D Array

○ 2D Array

○ Strings = Character Array + Null Terminator \0

○ Passing Arrays to Functions

○ Structure (struct) Basics

○ Struct Operations and Nested Structures

○ Passing Structs to Functions

○ Polynomial Representation

○ Pointer Basics

○ Dynamic Memory Allocation

[Adult Learning Log] C Language - Week 3 Review

○ Key Takeaways from Week 3

○ Review Highlights

○ Data Types and Sizes: (1) Integer Types

○ Signed vs Unsigned

○ Integer Constant Suffixes

○ Overflow

○ Symbolic Constants

Symbolic Constant vs Variable

○ Data Types and Sizes: (2) Floating Point Types

Fixed vs Floating Point

Floating-point Overflow & Underflow

Why decimal for float range but binary for int?

○ Data Types and Sizes: (3) Character Type

Control Characters

\0 Null Terminator

○ Practice Activities

Practice 1: sizeof

Practice 2: Currency Converter

Practice 3: ASCII & Char Practice

[Adult Learning Log] C Language - Week 2 Review

[C Language Week 2] Comments, Preprocessor, Variables, and More

○ Key Takeaways from Week 2

○ Typical Program Structure

○ Comments in C

○ Preprocessor

Example:

Why use header files?

Example 2:

○ Structure of a Function

Example:

○ Variables

Declaration:

Standard Data Types:

Identifier Rules:

○ Arithmetic Operators (Basic Arithmetic): `+`, `-`, `*`, `/`, `%`

○ Relational Operators: `==`, `!=`, `>`, `<`, `>=`, `<=`

○ Logical Operators: `&&`, `||`, `!`

○ Bitwise Operators: `&`, `|`, `^`, `<<`, `>>`, `~`

`size()` Example:

`print_stack()`:

○ Strings = Character Array + Null Terminator `\0`

`\0` Null Terminator

Practice 1: `sizeof`

○ `printf()` and `scanf()`

`printf()` Example:

`scanf()` Example:

○ `scanf()` vs `scanf_s()` and Security