The last level took me a long time, not only to complete but also to finish the write up. I am hoping this time Bandit Level 13 will be short and sweet. If you haven’t had a chance to read my OverTheWire Bandit Write Up – Level 12 write up, give it a quick read then head back over here. Read it? See what I mean, that level actually felt like a chore to write, anyway let’s get on.
The password for the next level is stored
/etc/bandit_pass/bandit14 and can only be accessed by the
bandit14 user. As I don’t know the password for the
bandit14 user yet, a ssh private key has been provided in the Bandit Level 13 users home directory. I can use this to connect to
localhost as the
Let’s Start Hacking Then
To start I need to connect to the machine, so I need to whip out a fresh terminal and initiate the SSH connection. I type that so often for these write ups that it’s now in my auto complete.
ssh email@example.com -p 2220
Entering the password I got from last level when asked and I am presented with the users home directory. I need to check what files are available to me to start. Using the
ls command I can see a file named
Being the cautions and potentially optimistic person I am, I want to check the contents of the file first before trying to use it.
The output of the file unsurprisingly is in fact a private key, worth a try though. I now need to create another SSH session to
localhost as the
bandit14 user. This is starting to feel a little bit like inception at the moment.
I wanted to go deeper and deeper.Cobb
I run the following command this time I tell it to use the private key using the
-ioption, and not specify which port. You can see more about the
ssh command on the man page.
ssh -i ./sshkey.private bandit14@localhost
Without the need for a password I am connected in and ready to go. All that’s left now is to get the contents of the
bandit14 file and we should be good. I run the following
…and Wham! Bam! Thank you ma’am! I have the password now for level 14.
Level 13 Complete
I have hidden the password here, if you are playing along don’t peek! Please! It’s more fun getting it yourself.
Level 14 password
Justin Byrne is a self motivated tech enthusiasts. Spending more than half his life dedicated to the tech industry. He built his first computer at the age of 11, and has been building ever since. His interests have changed across the years from system building to web programming and even a dab of software engineering., and just like his interests, his operating system has changed sometimes more then 4 times a year.