Scribd
Upload
31 views3 pages

"Backslash+space". Like, If Your Folder Name Is "Am A Programmer" Then The CD Command Will Be, "CD

This document outlines instructions for progressing through 14 levels of a Bandit wargame. It provides passwords and commands to use at each level to authenticate and complete tasks to retrieve the password for the next level. Some key steps include using SSH to log in to each level, running commands like ls, cat, grep, sort, uniq, base64, and find to discover hidden files containing the passwords needed to advance to the next level. The document also includes explanations of commands used and how Linux file permissions and directory structures work.

Uploaded by

Jaya Srivastava
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as ODT, PDF, TXT or read online on Scribd
31 views3 pages

"Backslash+space". Like, If Your Folder Name Is "Am A Programmer" Then The CD Command Will Be, "CD

This document outlines instructions for progressing through 14 levels of a Bandit wargame. It provides passwords and commands to use at each level to authenticate and complete tasks to retrieve the password for the next level. Some key steps include using SSH to log in to each level, running commands like ls, cat, grep, sort, uniq, base64, and find to discover hidden files containing the passwords needed to advance to the next level. The document also includes explanations of commands used and how Linux file permissions and directory structures work.

Uploaded by

Jaya Srivastava
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as ODT, PDF, TXT or read online on Scribd
You are on page 1/ 3

BANDIT

LEVEL 0
ssh -p 2220 [email protected]
pass: bandit0
ls
readme
cat readme
pass for level 1
LEVEL 1
ssh -p 2220 [email protected]
pass:enter the pass obtained in level 0
LEVEL 2
ls
-
bandit1@bandit:~$ cat /home/bandit1/- //When cat sees the string - as a filename, it treats it as a
synonym for stdin. To get around this, you need to alter the string that cat sees in such a way that it
still refers to a file called -. The usual way of doing this is to prefix the filename with a path - ./-, or
/home/Tim/-.

u get pass
exit
LEVEL 3
ssh -p 2220 [email protected]
enter pass
cat spaces\ in\ this\ filename //cd Linux\ Drive – open Linux Drive named folder in directory. Here you
can see I use backslash because the folder name has spaces so for each space you use
“backslash+space”. Like, if your folder name is “am a programmer” then the cd command will be, “cd
am\ a\ programmer”.
u get pass
exit
LEVEL 4
ssh -p 2220 [email protected]
input pass
bandit3@bandit:~$ ls
inhere
bandit3@bandit:~$ cat inhere
cat: inhere: Is a directory
bandit3@bandit:~$ find inhere
inhere
inhere/.hidden
bandit3@bandit:~$ cat inhere
cat: inhere: Is a directory

bandit3@bandit:~/inhere$ cat .hidden


pIwrPrtPN36QITSp3EQaw936yaFoFgAB
LEVEL 4
bandit4@bandit:~$ ls
inhere
bandit4@bandit:~$ cd inhere

bandit4@bandit:~/inhere$ ls
-file00 -file01 -file02 -file03 -file04 -file05 -file06 -file07 -file08 -file09
bandit4@bandit:~/inhere$ cat ./-file07
koReBOKuIDDepwhWk7jZC0RTdopnAYKh
bandit4@bandit:~/inhere$ cat ./-file03
��.A��u��#��#�w$N?c�-��Db3#��=�#�bandit4@bandit:~/inhere$ exit
logout
Connection to bandit.labs.overthewire.org closed.
jaihonikhil@jaihonikhil-HP-Pavilion-Laptop-15-cs1xxx:~$
LEVEL 5

koReBOKuIDDepwhWk7jZC0RTdopnAYKh
bandit5@bandit:~/inhere$ find . -type f -readable ! -executable -size 1033c
./maybehere07/.file2
bandit5@bandit:~/inhere$ cat ./maybehere07/.file2 /dev is the location of special
or device files. It is a very interesting directory that highlights one important aspect of the Linux
filesystem - everything is a file or a directory.
DXjZPULLxYr17uwoI01bNLQbtFemEgo7
LEVEL 6

bandit6@melinda:~$ find / -user bandit7 -group bandit6 -size 33c 2>/dev/null


/var/lib/dpkg/info/bandit7.password
bandit6@melinda:~$ cat /var/lib/dpkg/info/bandit7.password
HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs
bandit6@melinda:~$

//explanation to this is

/dev/null is the null device it takes any input you want and throws
it away. It can be used to suppress any output.

Further, 2> means that you are redirecting (i.e. >) the stderr (i.e. 2) into the black hole (i.e.
/dev/null)

LEVEL 7
bandit7@bandit:~$ ls
data.txt
bandit7@bandit:~$ cat data.txt|grep "millionth" // grep for finding
millionth cvX2JJa4CFALtqS87jk27qwqGhBM9plV
take this password
LEVEL 8
bandit8@bandit:~$ ls
data.txt
bandit8@bandit:~$ cat data.txt | sort | uniq -u // or use sort data.txt | uniq -u
UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR //The | is a pipe that redirects the output from one
command into another.
The uniq command reports or omits repeated lines and by passing it the -u argument we tell it to
report only unique lines.

LEVEL 9
strings data.txt | grep "="
use this
truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk

LEVEL 10
bandit10@melinda:~$ cat data.txt | base64 --decode
The password is IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR

You might also like