Skip to content

Latest commit

 

History

History
434 lines (299 loc) · 6.84 KB

README.md

File metadata and controls

434 lines (299 loc) · 6.84 KB

OTW bandit

ssh <username>@<remote>

-p port to connect to on the remote host

add this to ~/.zshrc or ~/.bashrc:

function bandit() {
  ssh bandit$1@bandit.labs.overthewire.org -p 2220
}

for fish add this to config.fish:

function bandit
  ssh bandit$argv[1]@bandit.labs.overthewire.org -p 2220
end

Level 0

bandit 0

password for bandit0: bandit0

SCR-20250202-CinQ9Nnk

ls
cat readme

SCR-20250202-KNlMr3wm

password for bandit1 ZjLjTmM6FvvyRnrb2rfNWOZOTa6ip5If

Level 1

ls -lah
cat ./-

SCR-20250202-dUJvM2ej

password for bandit2 263JGJPfgU6LtdEvgfWU1XP5yac29mFx

Level 2

ls -lah
cat ./"spaces in this filename"

SCR-20250202-MYP3S6oa

password for bandit3 MNk8KNH3Usiio41PRUEoDFPqfxLPlSmx

Level 3

ls -lah
cd inhere
ls -lah
cat ./...Hiding-From-You

SCR-20250202-fp4aQ6Pm

password for bandit4 2WmrDFRmJIq3IPxneAaMGhap0pFhF3NJ

Level 4

file <options> <filepath>
grep <options> <search terms> <filepath>

-i ignore case distinctions in patterns and input data

to use the results as input use xargs which will pass the file names to grep

-E interpret PATTERNS as extended regular expressions

... | xargs grep -i ...
ls -lah
cd inhere
ls -lah
file ./-* | grep text

SCR-20250202-kz48VK7Q

password for bandit5 4oQYVPkxZOOEOO5pTW81FB8j8lxXGUQw

Level 5

find <starting directory> <options> <search terms>

-type indicates the type of file or directory you're searching for.

- **f:** This means "regular file"
- **d:** Searches for directories (folders)
- **l:** Searches for symbolic links to other files

-iname tells find to ignore case-sensitivity

-size filter results by size

  • b for 512-byte blocks (this is the default if no suffix is used)

  • c for bytes

  • w for two-byte words

  • k for kibibytes (KiB, units of 1024 bytes)

  • M for mebibytes (MiB, units of 1024 * 1024 = 1048576 bytes)

  • G for gibibytes (GiB, units of 1024 * 1024 * 1024 = 1073741824 bytes)

-exec combine commands to perform actions when files are located

- without `{}` and `\;`, the command will not work correctly

-group file belongs to group

-user file is owned by user

ls -lah
cd inhere
ls -lah
find . -type f -size 1033c -exec file {} \; | grep text
cat ./maybehere07/.file2

SCR-20250202-hVMeyqYx

password for bandit6 HWasnPhtq9AVKe0dmk45nxy20cvUa6EG

Level 6

cd /
find . -type f -size 33c -user bandit7 -group bandit6 2> dev/null
cat ./var/lib/dpkg/info/bandit7.password

SCR-20250202-NjDyOWJD

password for bandit7 morbNTDkSW6jIlUc0ymOdMaLnOlFVAaj

Level 7

ls -lah
find . -type f -iname "data.txt" | xargs grep -i "millionth"

SCR-20250202-26ITiCQf

password for bandit8 dfwvzFQi4mU0wfNbFOe9RoWskMLg7eEc

Level 8

uniq <options> <input> <output>

-u only print unique lines

-d only print duplicate lines, one for each group

-D print all duplicate lines

-c prefix lines by the number of occurrences

-i ignore differences in case when comparing

ls -lah
sort data.txt | uniq -iu

SCR-20250202-fJs3FtnF

password for bandit9 4CKMh1JI91bUIZZPXDqGanal4xvAg0JM

Level 9

strings <options> <input> //print the sequences of printable characters in files
ls -lah
strings data.txt | grep -E "={2,}"

SCR-20250202-9J3GmSC9

password for bandit10 FGUW5ilLVJrxX9kMYMmlN4MgbpfMiqey

Level 10

base64 <options> <filepath>

-d decode data

ls -lah
base64 -d data.txt | cat

SCR-20250202-n94BBN2u

password for bandit11 dtR173fZKb0RRsDFSGsg2RWnpNVj3qRr

Level 11

tr <optons> <string1> <string2>

ROT13_table_with_example.svg

ls -lah
cat data.txt | tr 'A-Za-z' 'N-ZA-Mn-za-m'

SCR-20250202-XWbXMeCD

password for bandit12 7x16WNeHIi5YkIhWsfFIqoognUTyj9Q4

Level 12

xxd <options> <infile>

-r convert (or patch) hex dump into binary

gunzip <infile> // decompresses gzip files
bunzip2 <infile> // decompresses bzip2 files
tar <options> <infile>

-x extract files from an archive

-f use archive file or device ARCHIVE

-z filter the archive through gzip

ls
mktemp -d
cp data.txt /tmp/tmp.jZKJMBTyU3/dump.txt
cd /tmp/tmp.jZKJMBTyU3
ls
xxd -r dump.txt > data
vim uncompressor.sh

uncompressor.sh:

#!/bin/bash

process_file() {
    local filename="$1"
    local file_type
    file_type=$(file "$filename")

    if echo "$file_type" | grep -q 'ASCII text'; then
        echo "Found ASCII text file: $filename"
        echo
        cat "$filename"
        return
    fi

    case "$file_type" in
        *gzip*)
            echo "Gzipped file detected: $filename"
            mv "$filename" "$filename.gz"
            gunzip "$filename.gz"
            process_file "$filename"
            ;;
        *bzip2*)
            echo "Bzip2 file detected: $filename"
            mv "$filename" "$filename.bz2"
            bunzip2 "$filename.bz2"
            process_file "$filename"
            ;;
        *tar*)
            echo "Tar archive detected: $filename"
            tar -xf "$filename"
            for extracted_file in $(tar -tf "$filename"); do
                process_file "$extracted_file"
            done
            ;;
        *)
            echo "Unknown filetype: $filename"
            ;;
    esac
}

process_file "$1"
chmod +x uncompressor.sh
./uncompressor.sh data

SCR-20250202-BBsqCkxn

password for bandit13 FO5dwFsc0cbaIiH0h8J2eUks2vdTDwAn