Friday, August 19, 2022

Bandit12

bandit level12

ssh server: bandit.labs.overthewire.org port 2220

username: bandit12

password: 5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu

This time the data.txt file contains a hexdump of a file, 1st as the challenge advised we will create directory in the /tmp directory, and copy out data.txt file there to deal with it

Now convert back the hexdump to its original file using "xxd"

The original file is a gzip file, after extracting it we face a bzip2 file, then tar compressed file,.....

After a series of decompression we meet our target ascii text file "data8" which contains the password for the next level bandit13

tell we meet there

Your comments and feedback are highly appreciated

Thank You

Bandit11

bandit level11

ssh server: bandit.labs.overthewire.org port 2220

username: bandit11

password: IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR

This time the contains of data.txt is encrypted by rot13 encryption

We can decrypt it using "CyberChif"

https://gchq.github.io/CyberChef/

Or using the "rot13" function in Linux

Both ways will give us the password for the next level bandit12

tell we meet there

Your comments and feedback are highly appreciated

Thank You

Bandit10

bandit level10

ssh server: bandit.labs.overthewire.org port 2220

username: bandit10

password: truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk

In this level we are required to read the text file data.txt

the file contains is not a plan text but a text base64 decoded, so we will use the "base64" encode/decode function

this is the password for the next level bandit9
tell we meet there

Your comments and feedback are highly appreciated

Thank You

Wednesday, August 17, 2022

Bandit9

bandit level9

ssh server: bandit.labs.overthewire.org port 2220

username: bandit9

password: UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR

In this challenge we are requested to find a line that starts with some "===" normally we would try the "cat & grep" commands

But unfortunately it didn't work because this is not a text file, so we need to develop a new technique. We will try the "strings" command

this is the password for the next level bandit9
tell we meet there

Your comments and feedback are highly appreciated

Thank You

Bandit8

bandit level8

ssh server: bandit.labs.overthewire.org port 2220

username: bandit8

password: cvX2JJa4CFALtqS87jk27qwqGhBM9plV

This time we need to find the only unrepeated line in the file so we need to "sort" the file then find the "uniq" line in the file

this is the password for the next level bandit9
tell we meet there

Your comments and feedback are highly appreciated

Thank You

Thursday, August 4, 2022

Bandit7

bandit level7

ssh server: bandit.labs.overthewire.org port 2220

username: bandit7

password: HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs

This time we need to find line in the file that has the word millionth

It looks like that it has to much lines and if we tried to find out the number of lines using the word count command it shows that it has more than 98K lines

so we have to be more precise by getting only the line that has our word millionth, we can then use the command "grep" to get the only line has our word

this is the password for the next level bandit8
tell we meet there

Your comments and feedback are highly appreciated

Thank You

Monday, August 1, 2022

Bandit6

bandit level6

ssh server: bandit.labs.overthewire.org port 2220

username: bandit6

password: DXjZPULLxYr17uwoI01bNLQbtFemEgo7

this time we need to find a file that it has the following characteristics:

1- owned by user bandit7

2- owned by group bandit6

3- 33 character only

somewhere into the server. So we will use the find command but on the root directory

$ find / -type f -size 33c -user bandit7 -group bandit6

oups so many "permission denied" and we can not find our file through that listing, so we need to hid this "permission denied" to find out our target file. This would be done by redirecting the errors to the /dev/null and keep only non errors shown on the screen

$ find / -type f -size 33c -user bandit7 -group bandit6 2>/dev/null