OverTheWire: Bandit Level 15 → Level 16


Level Goal

The password for the next level can be retrieved by submitting the password of the current level to port 30001 on localhost using SSL encryption.

Helpful note: Getting “HEARTBEATING” and “Read R BLOCK”? Use -ign_eof and read the “CONNECTED COMMANDS” section in the manpage. Next to ‘R’ and ‘Q’, the ‘B’ command also works in this version of that command…

Commands you may need to solve this level

ssh, telnet, nc, openssl, s_client, nmap

> whatis ssh
ssh (1) - OpenSSH remote login client

> whatis telnet
telnet (1) - user interface to the TELNET protocol

> whatis nc
nc (1) - TCP/IP swiss army knife

> whatis openssl
openssl (1ssl) - OpenSSL command line tool

> whatis s_client
s_client (1ssl) - SSL/TLS client program

> whatis nmap
nmap (1) - Network exploration tool and security / port scanner

Note : Not all commands are required to complete the level

Helpful Reading Material


We know that we have to connect to an service on port 30,001 using SSL encryption. The simplest way to achieve this is using the openssl command along with s_client which allows to connect to services on our machine using SSL.

bandit15@bandit:~$ openssl s_client -connect localhost:30001CONNECTED(00000003)
depth=0 CN = localhost
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = localhost
verify return:1
Certificate chain
0 s:/CN=localhost
Start Time: 1615101060
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
Extended master secret: yes
Wrong! Please enter the correct current password

When we provide the password as “Password” as get an error saying wrong password

Lets provide the correct password as see if we get the password for the next level. The password for the current level can be found at /etc/bandit_pass/bandit15

bandit15@bandit:~$ cat /etc/bandit_pass/bandit15
bandit15@bandit:~$ openssl s_client -connect localhost:30001

We have found the password for the next level !!!

Note : We can achieve same same result using the ncat command which is an advanced version of netcat that is developed by the creators of nmap . If using ncat make use of the same command as the previous level and add the --ssl flag

Logout of the current session and start the next level using bandit16 password

ssh bandit16@bandit.labs.overthewire.org -p 2220This is a OverTheWire game server. More information on http://www.overthewire.org/wargamesbandit16@bandit.labs.overthewire.org's password: cluFn7wTiGryunymYOu4RcffSxQluehd




Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Managing Passwords and Application Secrets: Common Anti-Patterns

A year in review and roadmap

Network+ Practice Labs: Install OS Updates and Configure Security Policies

Helping Academia Succeed So Cybersecurity Can Thrive

Our Compensation Plan 1

{UPDATE} BRAIN-TRAIN Hack Free Resources Generator

What is Hypersign?

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
David Varghese

David Varghese

More from Medium

The Internet Of Things

Useful BadUSBs: Making a brute force password cracker on Arduino

On Digital Forensics: Foremost

Cyber Security career roles