OverTheWire Bandit Write Up – Level 17

With the Christmas period pretty much over and done with. I can now really get my teeth sunk in and try my hand at the bandit level 17. If you haven’t had a chance to read my OverTheWire Bandit Write Up – Level 16 write up, give it a quick read then head back over here.

Level template

The password is contained in a file named `passwords.new`. However there are many passwords also included in that file. I need to compare the file with a second provided file name passwords.old to find what has changed.

Let’s Start Hacking Then

As like any of the previous levels I need to spin up a fresh terminal and initiate a SSH connection to the machine.

ssh bandit17@bandit.labs.overthewire.org -p 2220

I am then prompted for the password I acquired from the previous level. It works, and I’m in.

Using the ls command I have a look in the bandit level 17 home directory to see what files I have to play with. As to be expected I have a passwords.old file and a passwords.new file. I can start by having s look in the files to see if it is obvious what the password may be, I do this with the following commands;

cat passwords.old
cat passwords.new

However, there doesn’t seem to be an easy way to tell what the password may be. I have a look round the man pages and found that the diff command would probably work. So I execute the following command. After that it outputs the only line that doesn’t appear in both.

diff passwords.old passwords.new

…and Wham! Bam! Thank you ma’am! I have the password now for level 18.

Level 17 Complete

I have hidden the password here, if you are playing along don’t peek! Please! It’s more fun getting it yourself.

Leave a Reply