OverTheWire: Bandit Level 14 → Level 15

https://overthewire.org/wargames/bandit/bandit15.html

Level Goal

The password for the next level can be retrieved by submitting the password of the current level to port 30000 on localhost.

Commands you may need to solve this level

ssh, telnet, nc, openssl, s_client, nmap

> whatis ssh
ssh (1) - OpenSSH remote login client

> whatis telnet
telnet (1) - user interface to the TELNET protocol

> whatis nc
nc (1) - TCP/IP swiss army knife

> whatis openssl
openssl (1ssl) - OpenSSL command line tool

> whatis s_client
s_client (1ssl) - SSL/TLS client program

> whatis nmap
nmap (1) - Network exploration tool and security / port scanner

Note : Not all commands are required to complete the level

Helpful Reading Material

Solution

From the question we know that there is an service that is running on port 30,000. We can try to connect to the service using netcat command

(For the syntax of netcat and additional usage refer the attached resources)

Note : nc is an alias for the netcat command and can be used interchangeably

bandit14@bandit:~$ netcat localhost 30000
Password
Wrong! Please enter the correct current password

When we enter an random value we see that we get an message saying the pasword is incorrect

We know that the current level password is stored in /etc/band_pass/bandit14 we can try to provide that as an value to the service and see if we get the password for the next level

bandit14@bandit:~$ cat /etc/bandit_pass/bandit14
4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
bandit14@bandit:~$ netcat localhost 30000
4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
Correct!
BfMYroe26WYalil77FoDi9qh59eK5xNr

We have found the password for the next level !!!

Logout of the current session and login into the next level using bandit15 password

> ssh bandit15@bandit.labs.overthewire.org -p 2220This is a OverTheWire game server. More information on http://www.overthewire.org/wargamesbandit15@bandit.labs.overthewire.org's password: BfMYroe26WYalil77FoDi9qh59eK5xNr

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Duplicated Vulnerabilities in WordPress Plugins

Spartan Node BULLISH Lunar New Year GIVEAWAY

{UPDATE} Endless Race Free Hack Free Resources Generator

GDPR in a Nutshell

TryHackMe: Cross-site Scripting

How I Make $115/Year Passively from My Unused Bandwidth

Hands holding a ball of 100 dollar bills. Nails are painted red and hand has a bracelet. Background is ground outside.

Step-by-Step Guide to Setting an NFT as your ENS Profile Avatar

Haraka SMTP Command Injection

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
David Varghese

David Varghese

More from Medium

How to create multiple Virtual Server Instances (VSI) inside of a Virtual Private Cloud (VPC) on…

Solved: One or more of the CNAMEs you provided are already associated with a different resource

post fix install and configure with AWS SES

Cloud Computing: Your smart storage solution!