DEV Community

Adam
Adam

Posted on

OverTheWire (Bandit)

Bandit 2 -> Bandit 3

Call the file path in quotations

  • cat ./”<file-name>”

Bandit 3 -> Bandit 4

Show hidden files with “ls” ; ls -a

  • cat <hidden-file-name>

Bandit 4 -> Bandit 5

File command towards: inhere/* ; file /inhere/*

  • cat <the-readable-file-type’s-name>

Bandit 5 -> Bandit 6

“The password for the next level is stored in a file somewhere under the inhere directory and has all of the following properties:
human-readable
1033 bytes in size
not executable”
Not sure of which of the tools recommended to use. I try using man ls to grep for useful options, couldn’t figure it out with just ls. Next I try to use find and grepping through the manual for “byte” then “size” — I sucessfully found the file with one criteria, file size.

find . -size 1033c

c = byte when using the size option

Returned only 1 file on the system’s home directory, ./maybehere07/.file2

user login : pass - ssh bandit6@bandit.labs.overthewire.org -p 2220 : P4L4vucdmLnm8I7Vl7jG1ApGSfjYKqJU

Bandit 6 -> Bandit 7

“The password for the next level is stored somewhere on the server and has all of the following properties:
owned by user bandit7
owned by group bandit6
33 bytes in size”
Continuing to use the find tool. I end up searching for all 3 properties. -user bandit7 -group bandit6 -size 33c.

This returned a ton of files/directories back to me, many with permission errors. I didn’t understand this, so I did look at some tips elsewhere. Then trying to understand my answer, I clarify that pointing my output to /dev/null shows me all output that came without error messages.

find / -type f -user bandit7 -group bandit6 -size 33c 2>/dev/null

for password, cat this output: /var/lib/dpkg/info/bandit7.password

user login : pass - ssh bandit7@bandit.labs.overthewire.org -p 2220 : z7WtoNQU2XfjmMtWA8u5rN4vzqu4v99S

Bandit 7 -> Bandit 8

Top comments (0)