Bandit Level 9
This challenge wanted us to read the file data.txt and find the human readable strings beginning with several equal signs. Since there was non-human readable code in there, I knew that I could use the strings command to get the readable code. I also used grep to find only the lines that matched the === pattern.
Password = truKLdjsbJ5g7yyJ2X2Ro3a5HQJFuLK
Bandit Level 10
This time the flag is again stored in a data.txt file, but the data is encoded using base64. For this challenge I need to read the data using echo and pipe it to decode using base64 decoder.
Password = IFukwKGsFW8M0q3IRFqrxE1hxTNEbUPR
Bandit Level 11
This time the flag is again stored in a data.txt file, but this time the encoding method is ROT13. I looked up how to encode ROT13 in linux and found a command using the translate command. I echoed the data from the file and piped the translate code.
Password = 5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu
Bandit Level 12
This one was very tedious. I am sure there was a much simpler way than the way I did, it but I will have to find out later. Essentially this time the data.txt file has been compressed several times. The objective is to decompress the file every time by determining the name of the file, renaming it, then decompressing the file. This was done in several steps so I will not explain how I did it but will show it all below.
Password = 8ZjyCRiBWFYkneahHwxCv3wb2a10RpYL
Bandit Level 13
This time the challenge required us to use ssh from the level 13 server and log on as the level14 user using a private key. I had to look up how to use private keys in ssh and was able to find ample information. I’m becoming a Google Fu blackbelt! I used the below command to do so.
Then it was as simple as reading the etc/bandit_pass/bandit14 file to get the flag.
Password = 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
Bandit Level 14
For level 14 the requirement was to send the password for level 14 to port 30000 to retrieve the next flag. I used netcat and then put the current password in. That gave me the next flag
Password = BfMYroe26WYalil77FoDi9qh59ek5xNr
Malicious_Pizza 