
Bandit Overthewire wargames walkthrough level 11 – 15

OverTheWire Bandit is a wargame for Linux beginners and a great guide for learning the command line. We continue the game here with the next set of levels.

Level 11→15

  • Host: bandit.labs.overthewire.org
  • port: 2220

bandit level 10 → 11

The password for the next level is stored in data.txt, but the data is base64 encoded. To recover it we use the base64 command-line utility, which comes with Kali Linux. The -d flag tells base64 to decode its input, and the decoded output is the password for the next level.

  • cat data.txt
  • base64 -d data.txt

bandit level 11 → 12

The password is in data.txt, but every letter has been rotated by 13 positions, which is a simple substitution cipher. We use the tr command to translate the text: tr takes two sets and replaces each character in set1 with the character at the same position in set2. Rotating A by 13 gives N and rotating Z by 13 gives M, so the range A-Z maps to N-ZA-M, and the lowercase range is filled in the same way.

  • ls
  • cat data.txt
  • cat data.txt | tr '[A-Za-z]' '[N-ZA-Mn-za-m]'

bandit level 12 → 13

The password for the next level is stored in data.txt. However, data.txt is a hex dump of the original file, and the original file has been compressed multiple times. Printing data.txt shows the hex dump.

  • ls
  • cat data.txt

We make a new directory under /tmp/ so that we can modify files, and copy data.txt into it. The xxd command with the -r flag reverses the hex dump and writes the original file as output. We then check the file type with the file command. Here data1 is gzip data, so we rename it with mv to give it a .gz extension and extract the content of data2.gz using gzip with the -d flag.

  • mkdir /tmp/diliger
  • cp data.txt /tmp/diliger
  • cd /tmp/diliger
  • xxd -r data.txt data1
  • file data1
  • mv data1 data2.gz
  • gzip -d data2.gz

The file command shows that the extracted data2 is bzip2 data, so we rename it to data3.bz2 with mv and extract it with bzip2 -d. Checking the result with file again gives gzip, so we rename it to data4.gz and extract it with gzip -d.

  • file data2
  • mv data2 data3.bz2
  • bzip2 -d data3.bz2
  • file data3
  • mv data3 data4.gz
  • gzip -d data4.gz

The file type of data4 is a tar archive, so we use tar with -xvf, which extracts (x) the archive file (f) in verbose mode (v). This gives us data5.bin. The file command reports tar again, so we extract it with tar -xvf as well. data6.bin is bzip2 data, so we rename it to data7.bz2 with mv and extract it with bzip2 -d.

  • file data4
  • tar -xvf data4
  • file data5.bin
  • tar -xvf data5.bin
  • file data6.bin
  • mv data6.bin data7.bz2
  • bzip2 -d data7.bz2

The file command shows that data7 is a tar archive, so we extract it with tar -xvf. data8.bin is gzip data, so we rename it to data9.gz with mv and extract it with gzip -d. Finally, file reports data9 as ASCII text, so we read it with cat and get the password for the next level.

  • file data7
  • tar -xvf data7
  • file data8.bin
  • mv data8.bin data9.gz
  • gzip -d data9.gz
  • file data9
  • cat data9

bandit level 13 → 14

For this level we are given a private SSH key instead of a password. We use that key to log in to the next level, so no password is needed. The ssh command's -i flag specifies the private key (identity) file to authenticate with.


bandit level 14 → 15

We get the next password by submitting the current level's password to port 30000 on localhost. The current password is stored in /etc/bandit_pass/bandit14, so we can read it with cat. We then use nc (netcat) to send the content of /etc/bandit_pass/bandit14 to port 30000 on localhost, combining the two commands with the pipe operator |.

  • ls
  • cat /etc/bandit_pass/bandit14
  • cat /etc/bandit_pass/bandit14 | nc localhost 30000

Here are useful links for learning more about Linux commands.

Bandit overthewire wargames level 6 – 10

Bandit overthewire wargames level 16 – 20
