David Varghese

Mar 4, 2021

3 min read

OverTheWire: Bandit Level 5 → Level 6

https://overthewire.org/wargames/bandit/bandit6.html

Level Goal

The password for the next level is stored in a file somewhere under the inhere directory and has all of the following properties:

human-readable

1033 bytes in size

not executable

Commands you may need to solve this level

ls, cd, cat, file, du, find

> whatis ls                                                                         
ls (1)          - list directory contents
                                                                                                                        
> whatis cd
cd  (1)         - change working directory
                                                                                                                        
> whatis cat                                                                                                     
cat (1)         - concatenate files and print on the standard output
                                                                                                                        
> whatis file
file (1)        - determine file type
                                                                                                                        
> whatis du  
du (1)          - estimate file space usage
                                                                                                                        
> whatis find
find (1)        - search for files in a directory hierarchy

Note : All commands don’t have to be used to complete level

Helpful Reading Material

35 Practical Examples of Linux Find Command

The Linux Find Command is one of the most important and frequently used command command-line utility in Unix-like…

www.tecmint.com

12 Practical Examples of Linux grep Command

Have you ever been confronted with the task of looking for a particular string or pattern in a file, yet have no idea…

www.tecmint.com

What is a simple explanation for how pipes work in Bash?

I often use pipes in Bash, e.g.: dmesg | less Although I know what this outputs, it takes dmesg and lets me scroll…

stackoverflow.com

Solution

View the files that are present in the current working directory

bandit5@bandit:~$ ls
inhere

Move into the inhere/ directory using the cd command

bandit5@bandit:~$ cd inhere/

View files that are in the directory

bandit5@bandit:~/inhere$ ls
maybehere00  maybehere03  maybehere06  maybehere09  maybehere12  maybehere15  maybehere18
maybehere01  maybehere04  maybehere07  maybehere10  maybehere13  maybehere16  maybehere19
maybehere02  maybehere05  maybehere08  maybehere11  maybehere14  maybehere17

To search for the file that we require using the properties that are specified in the question we can make use of the find command.

(Refer man pages to read more on the various options that can be used along with the find command)

bandit5@bandit:~/inhere$ find . -type f -size 1033c -not -executable -exec file {} + | grep ASCII
./maybehere07/.file2: ASCII text, with very long lines

Command Explanation

  • . : Search the current working directory only
  • -type f : Look for files only (Exclude Directories)
  • -size 1033c : Look for files that are exactly 1033 bytes in size (Find uses “c” to represent bytes)
  • -not -executable : Find only non executable files
  • -exec file {} + : Execute the file command on all the results returns by find

Note : {} is an placeholder for the location where the names of the files found by find is going to be substituted. The “+” sign is used to terminate the statement

From the previous level we know that file command will return value “ASCII Text” for human readable files. So by using grep we are filtering the output to only show results with that contain that string

Note : Grep is an command that is used to find patterns in string and is very helpful when trying to find files. For more examples refer the attached resources

The pipe (|) operator is used to pass the output of one command as the input of another command

Not that we have found the file lets view its contents

cat ./maybehere07/.file2
DXjZPULLxYr17uwoI01bNLQbtFemEgo7

We have found the password for the next level !!

Logout of current session and use password of user bandit6 to access next level

> ssh bandit6@bandit.labs.overthewire.org -p 2220
This is a OverTheWire game server. More information on http://www.overthewire.org/wargamesbandit6@bandit.labs.overthewire.org's password: DXjZPULLxYr17uwoI01bNLQbtFemEgo7

Next Level

OverTheWire: Bandit Level 6 → Level 7

https://overthewire.org/wargames/bandit/bandit7.html

therandomier.medium.com

Previous Level

OverTheWire: Bandit Level 4 → Level 5

https://overthewire.org/wargames/bandit/bandit5.html

therandomier.medium.com

More from David Varghese

Love podcasts or audiobooks? Learn on the go with our new app.

Try Knowable

Recommended from Medium

Nancy Bui

A Beginner’s Guide to Web Animations

IDEAS Token

IDEAS 💡- New Lottery Event!

Vimal Tiwari

in

Elevate Your System Design and Salesforce Knowledge

Command: Design Pattern[Part-5]

Micha B

Building Nera website with Nera — Part 3

Screenshot of blog post with tags, author and published at date
Mickey Mellen

The right tool for the right job

Steve Ellwood

C# Events for beginners

Gaupa Labs

ERP: Where Does it Come From? Where should it go?

ListReports®

in

The ListReports® Blog

Introducing: Agent Notification Center

AboutHelpTermsPrivacy

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Knowable