OverTheWire – Bandit Level 0 & 1 Solutions

I figured it may be fun to go through all of the OverTheWire Bandit Wargames, which are aimed at absolute beginners who want to start learning about security principles.

My aim will be to provide a very simple explanation of how each game is played, which will hopefully expand my own knowledge and help a few of you at the same time.

All posts in this serial have been tagged #OverTheWire.


Level 0

Level Goal

The goal of this level is for you to log into the game using SSH. The host to which you need to connect is bandit.labs.overthewire.org, on port 2220. The username is bandit0 and the password is bandit0. Once logged in, go to the Level 1 page to find out how to beat Level 1.

Commands you may need to solve this level

ssh

Helpful Reading Material

Solution

So this one isn’t particularly a test but may as well start from the beginning.

I’m using Windows so the instructions below will be for Windows, there are plenty of resources online that will describe how to connect from various OS’s.

  1. Open a Command Prompt.
  2. Type “ssh bandit0@bandit.labs.overthewire.org -p 2220′
  3. Type the password “bandit0”
  4. If you have typed the details correctly you should see something similar to below –

Level 1

Level Goal

The password for the next level is stored in a file called readme located in the home directory. Use this password to log into bandit1 using SSH. Whenever you find a password for a level, use SSH (on port 2220) to log into that level and continue the game.

Commands you may need to solve this level

ls, cd, cat, file, du, find

Solution

This level is just meant as a very brief introduction to typing commands.

  1. Type “ls” to list all of the files in the current location, you should see a file called “readme”.
  2. Type “cat readme” to read the contents of the file.
  3. From here we can see that the password is “boJ9jbbUNNfktd78OOpsqOltutMc3MY1$”.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.