DEV Community

Krishna
Krishna

Posted on

3 1

OverTheWire Bandit Level 6 Level 7 walk-through

Challenge page => https://overthewire.org/wargames/bandit/bandit7.html

The password for the next level is stored somewhere on the server and has all of the following properties:

owned by user bandit7
owned by group bandit6
33 bytes in size

This challenge is very similar to the last one, the only difference being that we will have to search the entire filesystem.

We already know from the last challenge that using the find command is the best way to go about this.


Once again, what flags of the find command are required to search for this file?

Hint 1: Searching the man page will be enough to get the flags required


Alright then. After searching the man page, we have found the flags.

  • -user bandit7
  • -group bandit6
  • -size 33c

Since the file is "somewhere on the server", we will have to run the search from the root / directory.

So the final command would be

find / -user bandit7 -group bandit6 -size 33c

Let's execute it then

find command initial output


Be warned, since the user we used to log in is not root, the find command will visit a lot of directories which the bandit6 user does not the permissions to read. So we will encounter a lot of errors.

How do we get the errors out of the way so that we get a "clean" result?

Hint 2: A few web searches should yield a result. Read up on streams and I/O redirection


If you couldn't figure that out, its ok!

An easy way to get the errors out of the way is to send them to /dev/null as follows.

Alt Text

Looks like we got it!

What I did there was redirect the "stderr" stream to /dev/null, basically discarding it, and therefore ensuring that it does not get printed on the terminal.

Couple of articles to understand this better

Being comfortable with I/O redirection is an important part of being comfortable with the command line. Don't be afraid to get your hands dirty.

Note: A lot of programs will send useful error info to stderr in case of failure. So when debugging, and especially if there are a ton of error messages, it is common practice to redirect stderr to a file so that you can go through it later to figure out what happened.

Onto the next challenge!

AWS Security LIVE!

Tune in for AWS Security LIVE!

Join AWS Security LIVE! for expert insights and actionable tips to protect your organization and keep security teams prepared.

Learn More

Top comments (0)

The Most Contextual AI Development Assistant

Pieces.app image

Our centralized storage agent works on-device, unifying various developer tools to proactively capture and enrich useful materials, streamline collaboration, and solve complex problems through a contextual understanding of your unique workflow.

👥 Ideal for solo developers, teams, and cross-company projects

Learn more

👋 Kindness is contagious

Discover a treasure trove of wisdom within this insightful piece, highly respected in the nurturing DEV Community enviroment. Developers, whether novice or expert, are encouraged to participate and add to our shared knowledge basin.

A simple "thank you" can illuminate someone's day. Express your appreciation in the comments section!

On DEV, sharing ideas smoothens our journey and strengthens our community ties. Learn something useful? Offering a quick thanks to the author is deeply appreciated.

Okay