OverTheWire.org Wargames – Bandit – Level 0 to Level 9

Home / OverTheWire.org Wargames – Bandit – Level 0 to Level 9

Initially I post the password in this article. When I move the article here from old site, I think I should remove it.

OverTheWire.org is one of good site offer WarGames. In this context, WarGame is a game specifically designed to help people learn and practice security concepts in the form of fun-filled game. One of wargame category provided by OverTheWire is Bandit category which is aimed at absolute beginners.

This writeup contains solutions of the OverTheWire challenges Bandit category which I solved. The solutions written here is for level 0 to level 9.

Jump Table

How to Play

Bandit, like other games, is organized in levels. We start playing at level 0 and try to “beat” or “finish” it. Finishing a level results in information on how to start the next level. Every level beaten will give clue how to start next level.

There are several things you can try when you are unsure how to continue:

  • First, if you know a command, but don’t know how to use it, try the manual (man page) by entering “man <command>” (without the quotes). e.g. if you know about the “ls” command, type: man ls. The “man” command also has a manual, try it. Press q to quit the man command.
  • Second, if there is no man page, the command might be a shell built-in. In that case use the “help <X>” command. E.g. help cd
  • Also, your favorite search-engine is your friend.
  • Lastly, if you are still stuck, you can join us on IRC

Level 0

ssh [email protected]

pass: bandit0

The simplest challenge. You only need to login to the system via SSH. Once you are in, get the password for next level by:

cat readme

Level 1

ssh [email protected]

pass:

Another simple challenge. Once you are login, you will notice a file on home directory named ‘-‘. Since the dash is a special character, we need special treatment.

cat ./-

Level 2

ssh [email protected]

pass:

Another simple challenge. Once you are login, you will notice a file on home directory named “spaces in this filename” (without quote). There are spaces in the filename, so we need extra treatment. There are two ways to solve this: write the filename in the quote, use escape character. Pick one.

cat "spaces in this filename"
cat spaces\ in\ this\ filename

Level 3

ssh [email protected]

pass:

There is a folder called inhere. It apperas blank at the first glance. However it’s not the case, there is a hidden file there.

cd inhere
ls -la
cat .hidden

Level 4

ssh [email protected]

pass:

Still, there is a directory called inhere. There we have few files inside. The direction said, password is the only human readable file, so with the file command we can see that the only ASCII text file is “-file07”

cd inhere
file ./*
cat "file07"

Level 5

ssh [email protected]

pass:

A folder with a bunch of folders inside, recursively. The direction told us the file containing password is 1033 bytes and we have to find a file with specific size.

cd inhere
find . -type f -size 1033c
cat ./maybehere07/.file2

Another solution:

cd inhere
ls -Rla . | awk '/:$/&&f{s=$0;f=0}
    /:$/&&!f{sub(/:$/,"");s=$0;f=1;next}
    NF&&f{ print s"/"$0 }' | grep 1033

Level 6

ssh [email protected]

pass:

Nothing on our home directory. The file is located somewhere on the server with the user bandit7 and the group bandit6. It also has 33 byets in size.

find / -type f -user bandit7 -group bandit6 -size 33c 2> /dev/null
cat /var/lib/dpkg/info/bandit7.password

Another solution:

ls -Rla / | awk '/:$/&&f{s=$0;f=0}
    /:$/&&!f{sub(/:$/,"");s=$0;f=1;next}
    NF&&f{ print s"/"$0 }' | grep '33|bandit5'

Level 7

ssh [email protected]

pass:

There is a file called data.txt in our home directory. It is a huge file we need to parse through. The password is located next to word millionth. We can simply use grep to solve this.

grep "millionth" data.txt

Level 8

ssh [email protected]

pass:

Password is found on the only unique line in the file data.txt. We can use sort and uniq to find it.

sort data.txt | uniq -u

Level 9

ssh [email protected]

pass:

Now it’s on binary file. We can’t easily grep through it. However we can use strings then grep through it. The direction said that the password is on one of the only lines beginning with an equal sign.

strings data.txt | grep =

,

About Author

about author

xathrya

A man who is obsessed to low level technology.

Leave a Reply

Your email address will not be published. Required fields are marked *

Social media & sharing icons powered by UltimatelySocial