With the Christmas period pretty much over and done with. I can now really get my teeth sunk in and try my hand at the bandit level 17. If you haven’t had a chance to read my OverTheWire Bandit Write Up – Level 16 write up, give it a quick read then head back over here.
The password is contained in a file named `passwords.new`. However there are many passwords also included in that file. I need to compare the file with a second provided file name
passwords.old to find what has changed.
Let’s Start Hacking Then
As like any of the previous levels I need to spin up a fresh terminal and initiate a SSH connection to the machine.
ssh firstname.lastname@example.org -p 2220
I am then prompted for the password I acquired from the previous level. It works, and I’m in.
ls command I have a look in the bandit level 17 home directory to see what files I have to play with. As to be expected I have a
passwords.old file and a
passwords.new file. I can start by having s look in the files to see if it is obvious what the password may be, I do this with the following commands;
cat passwords.old cat passwords.new
However, there doesn’t seem to be an easy way to tell what the password may be. I have a look round the man pages and found that the
diff command would probably work. So I execute the following command. After that it outputs the only line that doesn’t appear in both.
diff passwords.old passwords.new
…and Wham! Bam! Thank you ma’am! I have the password now for level 18.
Level 17 Complete
I have hidden the password here, if you are playing along don’t peek! Please! It’s more fun getting it yourself.
Level 18 password