OverTheWire – Bandit Level 5 Solution

I figured it may be fun to go through all of the OverTheWire Bandit Wargames, which are aimed at absolute beginners who want to start learning about security principles.

My aim will be to provide a very simple explanation of how each game is played, which will hopefully expand my own knowledge and help a few of you at the same time.

All posts in this serial have been tagged #OverTheWire.


Level Goal

The password for the next level is stored in a file somewhere under the inhere directory and has all of the following properties:

  • human-readable
  • 1033 bytes in size
  • not executable

Commands you may need to solve this level

ls, cd, cat, file, du, find

Solution

We’ll be making use of the find command for this one. So we need to find a specific file that is readable, that has a size of 1033 bytes and that is not executable, luckily this is all quite straightforward –

  1. Type ‘ls’ to list all directories and files, you will see a single directory called “inhere”.
  2. Type “cd inhere” to navigate into the directory.
  3. Type ‘ls’ to list directories again, you will see that there are 18 directories each of which contain multiple directories and files.
  4. Now type “find -readable -size 1033c ! -executable” which will find files that are readable with a size of 1033 bytes (c) and that are not executable”.
  5. This should return a single file “./maybehere07/.file2”
  6. Type “cat ./maybehere07/.file2” to output the password for the next section, which should be “DXjZPULLxYr17uwoI01bNLQbtFemEgo7”.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.