Bandit24

bandit level24
ssh server: bandit.labs.overthewire.org port 2220
username: bandit24
password: VAfGXJ1PBSsPSnvsjI8p759leLZ9GGar
In This challenge there is a listener on port 30002 waiting to receive the bandit24 password followed by a four digits bin code if the values are correct it will replay with the bandit25 password, lets try to connect and submit the values
As you see the system refuses to send the password unless it received the correct combination, bandit24 password and the correct value of the bin code, the problem that we need to find out the secret bin code which means we need to find out the correct value between 10000 iteration.So we are going to create a script that try the 10000 iteration itself, then open the connection with the listener and try to submit the bandit24 password with the 10000 bin codes line by line until it receives the correct bin code
bandit24pass=VAfGXJ1PBSsPSnvsjI8p759leLZ9GGar
for i in {0..9999}
do
echo "$bandit24pass $i" >> list
done
nc localhost 30002 <list > results
cat results | grep -v Wrong
This scrip stores the bandit24 password in a variable names bandit24pass, then start a loop that iterates the values starting from "0000" ending with "9999", at every iteration it will create line in a file named "list" the line will be bandit24 password followed by a the value of the loop iteration, at the end we have a file with 10000 line each line has the bandit24 password followed by the four digits bin number, we will connect to the listener on port 30002 using the file "list" and store the response of the listener in a file named "results", finally reading the "results" file searching for any file that doesn't contains the word "Wrong", this will show us the bandit25 password.
don't forget to change the script file permeations to make it executable before running it
this is the password for the next level bandit25
tell we meet there
Your comments and feedback are highly appreciated
Thank You