You need to log in to a server using SSH with a series of usernames: bandit0, bandit1, bandit2, etc. Here is the information for your first login:
- Server: bandit.labs.overthewire.org
- Port: 2220
- Username: bandit0
- Password: bandit0
From a Mac or Linux machine, you can connect with this command:
ssh bandit0@bandit.labs.overthewire.org -p 2220
The password for the next question is stored in a file called readme located in the home directory. Use this password to log into bandit1 using SSH. Whenever you find a password for a level, use SSH (on port 2220) to log into that level and continue the game.
What is the password to log in to bandit1?
Hint
Commands you may need to solve this question:
ls, cd, cat, file, du, find
The password for the next question is stored in a file called `-` located in the home directory.
What is the password to bandit2?
Hint
Commands you may need to solve this question:
ls, cd, cat, file, du, find
Helpful Reading Material:
dashed filename
Special Characters
The password for the next question is stored in a file called `spaces in this filename` located in the home directory.
What is the password to bandit3?
Hint
Commands you may need to solve this question:
ls, cd, cat, file, du, find
Helpful Reading:
Spaces In Filename
The password for the next level is stored in a hidden file in the inhere directory.
What is the password to bandit4?
Hint
Commands you may need to solve this question:
ls, cd, cat, file, du, find
The password for the next question is stored in a file somewhere under the inhere directory and has all of the following properties:
- human-readable;
- 33 bytes in size;
- not executable
What is the password to bandit5?
Hint
Commands you may need to solve this question:
ls, cd, cat, file, du, find
The password for the next question is stored in a file somewhere under the inhere directory and has all of the following properties:
- human-readable;
- 1033 bytes in size;
- not executable
What is the password for bandit6?
Hint
Commands you may need to solve this question:
ls, cd, cat, file, du, find
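The property filter described above (human-readable, 1033 bytes, not executable) can be expressed as a single find invocation. This is an added example, not part of the original page: it runs against a constructed directory tree, and the file names, the token and the function names make_tree and find_candidate are assumptions made for the illustration.

```shell
#!/bin/sh
# Constructed sample tree: one target file plus decoys that each fail one test.
make_tree() {
    root=$(mktemp -d)
    mkdir -p "$root/inhere/dir1" "$root/inhere/dir2"
    # Target: text, 1032 padded characters + newline = 1033 bytes, mode 644.
    printf '%-1032s\n' 'constructed-token' > "$root/inhere/dir2/.file2"
    chmod 644 "$root/inhere/dir2/.file2"
    # Decoy: right size, not executable, but binary (all NUL bytes).
    dd if=/dev/zero of="$root/inhere/dir1/-file1" bs=1033 count=1 2>/dev/null
    chmod 644 "$root/inhere/dir1/-file1"
    # Decoy: right size and text, but executable.
    printf '%-1032s\n' 'decoy' > "$root/inhere/dir1/spaces in this filename"
    chmod 755 "$root/inhere/dir1/spaces in this filename"
    # Decoy: text and not executable, but the wrong size.
    printf 'decoy\n' > "$root/inhere/dir2/file3"
    chmod 644 "$root/inhere/dir2/file3"
    printf '%s\n' "$root"
}

# Print every regular file under $1 that satisfies all three properties.
find_candidate() {
    # -size 1033c  : exactly 1033 bytes (the c suffix means bytes)
    # ! -perm -100 : owner execute bit not set (GNU find also has ! -executable)
    # grep -Il .   : list files with a match; -I treats binary files as no match
    LC_ALL=C find "$1" -type f -size 1033c ! -perm -100 -exec grep -Il . {} +
}

tree=$(make_tree)
find_candidate "$tree/inhere"
rm -rf "$tree"
```

Because find passes each path as a separate argument, hidden files and names that contain spaces or begin with a dash need no special quoting here.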
The password for the next question is stored somewhere on the server and has all of the following properties:
- owned by user bandit7;
- owned by group bandit6;
- 33 bytes in size
What is the password to bandit7?
Hint
Commands you may need to solve this question:
ls, cd, cat, file, du, find, grep
The password for the next question is stored in the file data.txt next to the word millionth.
What is the password to bandit8?
Hint
Commands you may need to solve this question:
grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd
The password for the next question is stored in the file data.txt and is the only line of text that occurs only once.
What is the password to bandit9?
Hint
Commands you may need to solve this question:
grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd
Helpful Reading Material:
Unix Command Line: pipes and redirects
The password for the next question is stored in the file data.txt in one of the few human-readable strings, beginning with several = characters.
What is the password to bandit10?
Hint
Commands you may need to solve this question:
grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd
The password for the next question is stored in the file data.txt, which contains base64 encoded data.
What is the password to bandit11?
Hint
Commands you may need to solve this question:
grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd
Also see Base64 Wikipedia
The password for the next question is stored in the file data.txt, where all lowercase (a-z) and uppercase (A-Z) letters have been rotated by 13 positions.
What is the password to bandit12?
Hint
Commands you may need to solve this question:
grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd
Helpful Reading Material:
Rot13 on Wikipedia
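The three data.txt transformations described above (the line that occurs only once, base64 encoding, and rotation by 13 positions) combine into one pipeline. This is an added example, not part of the original page: the data file is constructed by the script, and the function names and the token are assumptions made for the illustration.

```shell
#!/bin/sh
# ROT13: shift every letter 13 places; applying it twice restores the input.
rot13() { LC_ALL=C tr 'A-Za-z' 'N-ZA-Mn-za-m'; }

# Print the lines that occur exactly once in file $1.
# uniq only compares ADJACENT lines, so the input has to be sorted first.
unique_line() { sort "$1" | uniq -u; }

# Constructed data file: the repeated lines are noise, and the single
# non-repeated line is a token that was ROT13-rotated, then base64-encoded.
make_data() {
    f=$(mktemp)
    secret=$(printf 'constructed-token\n' | rot13 | base64)
    # The duplicates are deliberately not adjacent to each other.
    printf '%s\n' alpha beta "$secret" alpha beta > "$f"
    printf '%s\n' "$f"
}

# Peel the layers in reverse order: isolate the line, decode, rotate back.
recover() { unique_line "$1" | base64 -d | rot13; }

data=$(make_data)
recover "$data"
rm -f "$data"
```

Running uniq -u on the unsorted file would print all five lines, because no two identical lines sit next to each other.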
The password for the next question is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it may be useful to create a directory under /tmp in which you can work using mkdir. For example: mkdir /tmp/myname123. Then copy the datafile using cp, and rename it using mv (read the manpages!)
What is the password to bandit13?
Hint
Commands you may need to solve this question:
grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd, mkdir, cp, mv, file
Helpful Reading Material:
Hex dump on Wikipedia
The password for the next question is stored in /etc/bandit_pass/bandit14 and can only be read by user bandit14. For this level, you don't get the next password, but you get a private SSH key that can be used to log into the next level. Note: localhost is a hostname that refers to the machine you are working on.
What is the password to bandit14?
Hint
Commands you may need to solve this question:
ssh, telnet, nc, openssl, s_client, nmap
Helpful Reading Material:
SSH/OpenSSH/Keys
The password for the next question can be retrieved by submitting the password of the current level to port 30000 on localhost.
What is the password to bandit15?
Hint
Commands you may need to solve this question:
ssh, telnet, nc, openssl, s_client, nmap
Helpful Reading Material:
How the Internet works in 5 minutes (YouTube) (Not completely accurate, but good enough for beginners)
IP Addresses
IP Address on Wikipedia
Localhost on Wikipedia
Ports
Port (computer networking) on Wikipedia
The password for the next question can be retrieved by submitting the password of the current level to port 30001 on localhost using SSL encryption.
Helpful note: Getting "HEARTBEATING" and "Read R BLOCK"? Use -ign_eof and read the "CONNECTED COMMANDS" section in the manpage. Next to R and Q, the B command also works in this version of that command.
What is the password to bandit16?
Hint
Commands you may need to solve this question:
ssh, telnet, nc, openssl, s_client, nmap
Helpful Reading Material:
Secure Socket Layer/Transport Layer Security on Wikipedia
OpenSSL Cookbook - Testing with OpenSSL
The credentials for the next question can be retrieved by submitting the password of the current level to a port on localhost in the range 31000 to 32000. First find out which of these ports have a server listening on them. Then find out which of those speak SSL and which don't. There is only 1 server that will give the next credentials; the others will simply send back to you whatever you send to them.
What is the RSA private key?
Hint
Commands you may need to solve this question:
ssh, telnet, nc, openssl, s_client, nmap
Helpful Reading Material:
Port scanner on Wikipedia
There are 2 files in the home directory: passwords.old and passwords.new. The password for the next question is in passwords.new and is the only line that has been changed between passwords.old and passwords.new.
NOTE: if you have solved this question and see Byebye! when trying to log into bandit18, this is related to the next level, bandit19
What is the password to bandit18?
Hint
Commands you may need to solve this question:
cat, grep, ls, diff
The password for the next question is stored in a file readme in the home directory. Unfortunately, someone has modified .bashrc to log you out when you log in with SSH.
What is the password to bandit19?
Hint
Commands you may need to solve this question:
ssh, ls, cat
To gain access to the next question, you should use the setuid binary in the home directory. Execute it without arguments to find out how to use it. The password for this question can be found in the usual place (/etc/bandit_pass), after you have used the setuid binary.
What is the password to bandit20?
Hint
Helpful Reading Material:
setuid on Wikipedia
There is a setuid binary in the home directory that does the following: it makes a connection to localhost on the port you specify as a command-line argument. It then reads a line of text from the connection and compares it to the password in the previous level (bandit20). If the password is correct, it will transmit the password for the next level (bandit21).
NOTE: To beat this question, you need to log in twice: once to run the setuid command, and once to start a network daemon to which the setuid will connect.
NOTE 2: Try connecting to your own network daemon to see if it works as you think.
Hint
Commands you may need to solve this question:
ssh, nc, cat, bash, screen, tmux, Unix job control (bg, fg, jobs, &, CTRL-Z, ...)
A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed.
What is the password to bandit22?
Hint
Commands you may need to solve this question:
cron, crontab, crontab(5) (use "man 5 crontab" to access this)
A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed.
NOTE: Looking at shell scripts written by other people is a very useful skill. The script for this level is intentionally made easy to read. If you are having problems understanding what it does, try executing it to see the debug information it prints.
What is the password to bandit23?
Hint
Commands you may need to solve this question:
cron, crontab, crontab(5) (use "man 5 crontab" to access this)