Bandit Level 7 - OverTheWire

More file attributes to use with find. Again, pretty straight forward. Just have to know which flags to set.

You can see that there's a snazzy little 2>/dev/null at the end of the line. This isn't specific to the find command. The 2 represents the Linux error stream. Basically we're telling it to take any errors that might result from the command and make them disappear into the /dev/null ether. Try the command without it and you'll see a bunch of permission denied errors. You just have to wade through those to find the file you're looking for.

Bandit Level 5 - OverTheWire

Time to pick up a new command! Turns out in this wargame, the password is in the only human readable file in the directory inhere. No problem, if you know how to use file. It goes like 

Note that I used the -i parameter to display the full mime-type. This makes the output a little more verbose than without providing you with the charset and mime-type. 

We have our password. Now on to the next level.

Bandit Level 4 - OverTheWire

The password is in a hidden file in the inhere directory. 

And that's it. The key here is to use the -al parameters for the ls command. The a tells the command to not ignore file names beginning with a period(.). The l tells it to use the long list format. I find that I like this format by default most of the time because it reveals permissions, ownership and whether or not we're dealing with files or directories (among other things). 

And now for the next level.

Bandit Level 3 - OverTheWire

The password is located in a file called "spaces in this filename" in the home directory. This is a trivial problem if you know about tab complete. I remember years and years ago when I first learned about tab complete when I just started working with the command line. It's a life saver. The resultant output from this solution ends up looking something like this:

How you get there is entirely up to you. You can either chose to type out the entire file name with the escape backslashes character by character. Or you can simply type "cat spa" and then just hit TAB. Voila.

On to the next level...

Bandit Level 1 - OverTheWire

I love wargames. They're a great way to learn independently and give you the chance to try things out in a guided/organized way instead of just fumbling around in your own lab at home. 

OverTheWire's Bandit is basically their entry level set of wargames to get you familiar with basic commands and concepts when it comes to ethical hacking. 

Over the next while I'll be posting solutions for each of the levels to Bandit. I'll also move on to the other wargames after. Some of them I've done. Others, I have not. So I'll be learning at the same time. 

Level 0 → Level 1

The first task is straight forward. It's essentially a matter of ssh'ing into the box and reading the password in plain text. 

 We have the password. Time to move on to Level 2.