Bandit Level 4 to Level 8 | OverTheWire
Learn linux command by playing Bandit wargame. The Bandit wargame is aimed at absolute beginners. It will teach the basics needed to be able to play other wargames. Below is the solution of Level 4 → Level 5, Level 5 → Level 6, Level 6 → Level 7, Level 7 → Level 8, and Level 8 → Level 9.
In this post we will learn how to find a human readable file with certain size in bytes and with certain user.
The passwords are hidden, so you have to find the passwords for next level yourself.
Previous Post
Bandit Level 4 → Level 5
Level Goal
The password for the next level is stored in the only human-readable file in the inhere directory.
Tip: if your terminal is messed up, try the “reset” command.
Commands you may need to solve this level
ls, cd, cat, file, du, find
Solution :
Command to connect remote host : ssh bandit4@bandit.labs.overthewire.org -p 2220 password is **** .
file command is used to determine a file’s type or what file contains.
In inhere directory, there are 10 files -file00, -file01, …, -file09. The human-readable file means the content of that file is ASCII and we can find the type of content of a file by running command
1
file ./-file00
1
file ./-file01
…
1
file ./file07
We found that -file07 contains ASCII text.
Instead of checking each file we can use find and xargs command.
find program searches a given directory (and its subdirectories) for files based on a variety of attributes.
Command find . -type f searches all regular files in the current directory. Current directory is specified by . (dot).
The xargs command performs an interesting function. It accepts input from standard input and converts it into an argument list for a specified command.
Command find . -type f | xargs file finds all the regular files in the current directory and xargs constructs an argument list for file command and then executes it.
The password for the next level is **** .
Reference : The Linux Command Line – A Complete Introduction
https://stackoverflow.com/questions/12654026/how-to-count-all-the-human-readable-files-in-bash
Bandit Level 5 → Level 6
Level Goal
The password for the next level is stored in a file somewhere under the inhere directory and has all of the following properties:
- human-readable
- 1033 bytes in size
- not executable
Commands you may need to solve this level
ls, cd, cat, file, du, find
Solution :
Command to connect remote host : ssh bandit5@bandit.labs.overthewire.org -p 2220 password is **** .
In manual pages of find command it is mentioned that option -size is used to specify size of the file and c is used for bytes. -executable matches the executable files, so ! -executables matches the non executable files. We then pipe this output to xargs command which tells the content of the file found. Command is
1
find . -type f -size 1033c ! - executable | xargs file
The password for the next level is **** .
Reference : The Linux Command Line – A Complete Introduction
http://man7.org/linux/man-pages/man1/find.1.html
Bandit Level 6 → Level 7
Level Goal
The password for the next level is stored somewhere on the server and has all of the following properties:
- owned by user bandit7
- owned by group bandit6
- 33 bytes in size
Commands you may need to solve this level
ls, cd, cat, file, du, find, grep
Solution :
Command to connect remote host : ssh bandit6@bandit.labs.overthewire.org -p 2220 password is **** .
Since the password is stored somewhere on the server. Lets go to the root directory by running command cd .. two times.
From manual page of find command :
-user uname
File is owned by user uname (numeric user ID allowed).
-size n[cwbkMG]
File uses n units of space, rounding up. The following suffixes can be used:
‘c’ for bytes
-group gname
File belongs to group gname (numeric group ID allowed).
From the given, uname is bandit7, gname is bandit6 and n is 33c.
We want file with ASCII content and xargs file will tell us about that.
So the command is :
1
find -user bandit7 -group bandit6 -size 33c | xargs file
The password for the next level is **** .
Reference : The Linux Command Line – A Complete Introduction
http://man7.org/linux/man-pages/man1/find.1.html
Bandit Level 7 → Level 8
Level Goal
The password for the next level is stored in the file data.txt next to the word millionth
Commands you may need to solve this level
grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd
Solution :
Command to connect remote host : ssh bandit7@bandit.labs.overthewire.org -p 2220 password is **** .
Here we can use grep program. grep is used to find text patterns within file. The text we have to find is millionth and the password for next level is next to it.
The command is :
1
cat data.txt | grep millionth
The password for next level is **** .
Reference : The Linux Command Line – A Complete Introduction
Bandit Level 8 → Level 9
Level Goal
The password for the next level is stored in the file data.txt and is the only line of text that occurs only once
Commands you may need to solve this level
grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd
Solution :
Command to connect remote host : ssh bandit8@bandit.labs.overthewire.org -p 2220 password is **** .
We will use command sort to sort all texts in the file. Command uniq with option u i.e. uniq -u only prints unique lines. So the command is :
1
sort data.txt | uniq -u
and password is **** .
Reference : http://man7.org/linux/man-pages/man1/uniq.1.html
https://askubuntu.com/questions/915570/how-do-i-find-a-single-unique-line-in-a-file
Next Post
Bandit Level 9 to Level 11
Bandit Level 12 → Level 13
Bandit Level 13 to Level 15
Bandit Level 16 to Level 18
Bandit Level 19 to Level 20
Bandit Level 21 to Level 22
Bandit Level 23 → Level 24
Bandit Level 24 → Level 25
Bandit Level 25 to Level 26
Bandit Level 27 to Level 31
Bandit Level 32 → Level 33
Other Wargames
Leviathan Wargame from OverTheWire All Level Solutions
Krypton Wargame from OverTheWire All Level Solutions