OverTheWire Bandit Challenges #1 - #7
Took me a brief bit, but I did all levels from 1 to 7. These were a beginner course, but I got the hang of what they were trying to present to write into my report. The following will be a write up on how I did each challenge.
The premise of OverTheWireâs content is giving you access to an initial server box, which a flag (password) needs to be extracted to advance in the next stage. They have multiple âcoursesâ, with the beginner one being the Bandit course. Bandit has 34 levels in total, and everything is done on the console level. Itâs very promising for CTFers, I think. It gets progressively harder to the point where you do some really tricky stuff, plenty of learning.
To connect to the machine, I was given a name, username, password and port.
After this, I was given a simple password file. I catâd it, and advanced to the next level.
The password for the next level is stored in a file called - located in the home directory
Simple. I logged in, delimited the â-â symbol and printed it with cat ./-
CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9
The password for the next level is stored in a file called spaces in this filename located in the home directory
Same kind of thing, special characters.
cat "spaces in this filename"
UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK
The password for the next level is stored in a hidden file in the inhere directory.
I ran âlsâ with the -la flag to print all hidden files.
total 12
drwxr-xr-x 2 root   root   4096 Oct 16  2018 .
drwxr-xr-x 3 root   root   4096 Oct 16  2018 ..
-rw-r----- 1 bandit4 bandit3 Â 33 Oct 16 Â 2018 .hidden
pIwrPrtPN36QITSp3EQaw936yaFoFgAB
The password for the next level is stored in the only human-readable file in the inhere directory. Tip: if your terminal is messed up, try the âresetâ command.
I just brute forced open all the files.
koReBOKuIDDepwhWk7jZC0RTdopnAYKh
The password for the next level is stored in a file somewhere under the inhere directory and has all of the following properties:
human-readable
1033 bytes in size
not executable
I used the find function with the specifications they gave me:
DXjZPULLxYr17uwoI01bNLQbtFemEgo7
The password for the next level is stored somewhere on the server and has all of the following properties:
owned by user bandit7
owned by group bandit6
33 bytes in size
find . -user bandit7 -group bandit6 -size 33c
HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs