Sunday, July 30, 2017

Bandit's walking through over the wire from 0-10


Over the wire game also same as other games. Bandit has to walk through from level 0 up to 26. This game has been developed for the beginners of the linux commands. This is a war game.

First to walk through the levels you have to download puTTY . Use this link to download it.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html
download the .exe file.
Open puTTY...

Let's play it....
http://overthewire.org/wargames/bandit/

Use the provided host name and the port number to open the terminal.


Level 0

             For level 0 by using the password and the user name is given in the site can be logged in as Bandit.

Level 0 - Level 1

            The password is there in the Readme file in the home directory. Use cat command to read it. Get the password to login to level 1.




 Level 1 - Level 2

           The password is stored in - directory. To read a - file use < after the cat command.



Level 2 - Level 3

         In user bandit1 the password to the next level is stored in the a file in which has spaces in the file name. the file name is 'spaces in this filename'.
if we use the cat command to read this file
cat spaces in this filename
The puTTY identify this as 4 file names (spaces, in, this, filename)
it gives an error. In Linux to get rid form that error and to say that there is a space we can use '\' before the space.

 spaces\ in\ this\ filename


Level 3 - Level 4

             In level 3 the password for the level 4 is stored inside a hidden file in the directory called inhere.
ls -a command gives hidden files in side a directory.


       
Level 4 - Level 5

To gain the password fro Level 5 we have to access a only human readable file.
Use file command to find out all the files inside the inhere directory. File 07 is a text data. So it might be the file that we need to access.




Level 5 - Level 6

Use find command to find the file with given information.



Level 6 - Level 7

    In this level also the find command can be used to get the file with given information. But the permission was denied.
With ls -a the hidden file can be identified.
then with cat command bandit7.password file can be read.




Level 7 - Level 8

           There is a file called data.txt in which the password is stored next to the word millionth.
By using the grep command out put can be filtered. 
With the pipe operation the output of the grep command is taken as an input to the cat command.



Layer 8 - Layer 9

The password is stored in the data.txt file and the password text may not repeat in the file. So the unique line have to be find.
to find an unique line uniq command can be used.



Level 9 - Level 10

It says that the password is next to a '=' mark. Using the output given by the grep commnd as an input to the strings command strings that consists with '=' is shown.



at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Cross Site Request Forgery Protection with Double Submit Cookies Patterns

When a user authenticates to a site, the site should generate a (cryptographically strong) pseudo-random value and set it as a cookie on the...