OverTheWire Bandit Write Up – Level 15

These levels recently have been a welcoming change. Level 12 was quiet taxing on the old brain muscles. So it’s been quite enjoying to slow down a bit, and I hope that bandit level 15 goes the same way. If you haven’t had a chance to read my OverTheWire Bandit Write Up – Level 14 write up, give it a quick read then head back over here.

Level 15

Very similarly to the last level I need to submit the password from the previous level to `localhost` on port `30001` using SSL encryption.

Let’s Start Hacking Then

So as normal I need to get connected to the bandit level 15 system. So I need to spin up a fresh terminal and start the SSH connection.

ssh bandit15@bandit.labs.overthewire.org -p 2220

I enter the password I gained from the last level, it works, and I’m in. Knowing that I need to submit the password from the last level to port `30001` I can guess that there isn’t any files in the directory. But it would be silly at this point not to have a look. So I run the `ls` command, and as to be expected there is nothing the directory.

I can now start to work on submitting the password to the port over SSL. Doing some light Googling I found from the man page that I can use the `openssl` command with the `s_client` parameter to establish a SSL connection to a server. Knowing this now I run the following command.

openssl s_client -connect localhost:30001

…and I have a connection established. All I need to do now is send the password from the previous level. I enter the following;

BfMYroe26WYalil77FoDi9qh59eK5xNr

Pressing return key and I am presented with Correct!

…and Wham! Bam! Thank you ma’am! I have the password now for level 16.

Level 15 Complete

I have hidden the password here, if you are playing along don’t peek! Please! It’s more fun getting it yourself.

Leave a Reply