Bandit Walk through 3

Level 5:

This level required me to find the password stored in the inhere directory that had three properties; it had to be human readable, 1033 bytes in size, and not an executable. For this, I decided to use the find command. I knew I would need to give it a few other flags, so I started by changing the directory to the inhere directory. I constructed the command to look for the size of 1033c ensure it was readable with the readable flag and not an executable by inputting the special character for not in front of the flag for executable. This returned a directory and file; I used the cat command to read the file, notice the file has a period in front of it, so I had to use an escape character to get to it.

The password for level 6: DXjZPULLxYr17uwoI01bNLQbtFemEgo7

Level 6:

Level six’s password was stored somewhere on the server and had to be owned by the user bandit7 and the group bandit6 and had to be 33 bytes in size. Using the find command, I searched the entire server by inputting /. Then looked for a file type of f for file and inputted a couple of flags for size, the user and the group. Initially, when I did this it returned so much information, I got a headache. I wanted to figure out how to only return the one location that met all these parameters. I came across the Linux documentation and saw the final command in the string 2>/dev/null. This specific string returns only the correct location because it stores all the errors (stderr) I was seeing earlier into the dev/null file. Once I got that information, I was able to cat the file and receive the password.

Password for level 7: HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs

Level 7:

I got Occupy the Web’s book “Linux Basics for Hackers” for Christmas, when reading that book I learned a lot about grep, I had used it previously but was not very familiar with it prior. As soon as I saw this challenge I knew how to figure this one out. Level 7 stores the password in a data.txt file next to the word millionth. I know I could pipe grep millionth into a cat command call and it would return the password.

Password for level 8: cvX2JJa4CFALtqS87jk27qwqGhBM9plV

Level 8:

Level 8 had a password stored in the data.txt file, but it was the only line of text that was unique. I decided to read the file, sort it by piping the sort command, and then identify the unique line of text by using the uniq -u command. That inevitably returned the password.

Password for level 9: UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s