With level 4 completed I can now continue on to Bandit level 5. If you haven’t had a chance to read my OverTheWire Bandit Write Up – Level 4 write up give it a quick read then head back over here. Okay so all read? All caught up? Brilliant, let’s begin.
So by now the format of these levels is pretty similar. There’s a file with the password in it and it’s hiding from me on the remote server. Bandit level 5, however, requires more than just open a directory, read the file and away you go. This time I need to contend with multiple sub directories, and each sub directory has multiple files. Some of these files are data while others are human readable. The details I have been given about the file is
- the file is human-readable
- the file is not executable
- the file is 1033 bytes
Let’s start hacking then
So first things first, I load up a fresh new terminal and initiate a new SSH connection to the server using the following command.
ssh email@example.com -p 2220
The password from the last worked so I am in. I start with the most used command
ls and I can see a directory named
inhere I run
cd ./inhere and enter the directory. Once again I run the
ls however, this time I am bombarded with sub directories, named
Now I could go into what looks like 10 different directories and then check each of the files inside the to see where the password is, or, I can use the
find . -type f ! -executable
Running the previous command I can see there are a few files that are not executable. So I am still left with too many options. So I know that the file is 1033 bytes in size, looking at the find manual page I can see that we can add the ability to search by size also.
find . -type f -size 1033c ! -executable
I am now left with just a single file. just to check that the file is the one I need I tested that it is human-readable first with the following command.
The file is indeed human readable, not executable, and 1033 bytes in size, so I run the following command
…and Wham! Bam! Thank you ma’am! I have the password now for level 6.
Level 5 Complete
I have hidden the password here, if you are playing along don’t peek! Please! It’s more fun getting it yourself.
Level 6 password