OverTheWire: Bandit Level 5 → Level 6


Level Goal

The password for the next level is stored in a file somewhere under the inhere directory and has all of the following properties:


1033 bytes in size

not executable

Commands you may need to solve this level

ls, cd, cat, file, du, find

> whatis ls                                                                         
ls (1) - list directory contents

> whatis cd
cd (1) - change working directory

> whatis cat
cat (1) - concatenate files and print on the standard output

> whatis file
file (1) - determine file type

> whatis du
du (1) - estimate file space usage

> whatis find
find (1) - search for files in a directory hierarchy

Note : All commands don’t have to be used to complete level

Helpful Reading Material


View the files that are present in the current working directory

bandit5@bandit:~$ ls

Move into the inhere/ directory using the cd command

bandit5@bandit:~$ cd inhere/

View files that are in the directory

bandit5@bandit:~/inhere$ ls
maybehere00 maybehere03 maybehere06 maybehere09 maybehere12 maybehere15 maybehere18
maybehere01 maybehere04 maybehere07 maybehere10 maybehere13 maybehere16 maybehere19
maybehere02 maybehere05 maybehere08 maybehere11 maybehere14 maybehere17

To search for the file that we require using the properties that are specified in the question we can make use of the find command.

(Refer man pages to read more on the various options that can be used along with the find command)

bandit5@bandit:~/inhere$ find . -type f -size 1033c -not -executable -exec file {} + | grep ASCII
./maybehere07/.file2: ASCII text, with very long lines

Command Explanation

  • . : Search the current working directory only
  • -type f : Look for files only (Exclude Directories)
  • -size 1033c : Look for files that are exactly 1033 bytes in size (Find uses “c” to represent bytes)
  • -not -executable : Find only non executable files
  • -exec file {} + : Execute the file command on all the results returns by find

Note : {} is an placeholder for the location where the names of the files found by find is going to be substituted. The “+” sign is used to terminate the statement

From the previous level we know that file command will return value “ASCII Text” for human readable files. So by using grep we are filtering the output to only show results with that contain that string

Note : Grep is an command that is used to find patterns in string and is very helpful when trying to find files. For more examples refer the attached resources

The pipe (|) operator is used to pass the output of one command as the input of another command

Not that we have found the file lets view its contents

cat ./maybehere07/.file2

We have found the password for the next level !!

Logout of current session and use password of user bandit6 to access next level

> ssh bandit6@bandit.labs.overthewire.org -p 2220
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames
bandit6@bandit.labs.overthewire.org's password: DXjZPULLxYr17uwoI01bNLQbtFemEgo7

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

A Beginner’s Guide to Web Animations

IDEAS 💡- New Lottery Event!

Building Nera website with Nera — Part 3

Screenshot of blog post with tags, author and published at date

The right tool for the right job

C# Events for beginners

ERP: Where Does it Come From? Where should it go?

Introducing: Agent Notification Center

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store