Bandit Level 13 to Level 15 | OverTheWire
Learn linux command by playing Bandit wargame. The Bandit wargame is aimed at absolute beginners. It will teach the basics needed to be able to play other wargames. Below is the solution of Level 13 → Level 14, Level 14 → Level 15 and Level 15 → Level 16.
In this post we will learn how to use ssh key instead of password to login in a remote machine. We will learn about Secure Scoket Layer and how to establish a connection to a remote machine on a port.
The passwords are hidden, so you have to find the passwords for next level yourself.
Previous Post
Bandit Level 0 to Level 3 Bandit Level 4 to Level 8 Bandit Level 9 to Level 11 Bandit Level 12 → Level 12
Bandit Level 13 → Level 14
Level Goal
The password for the next level is stored in /etc/bandit_pass/bandit14 and can only be read by user bandit14. For this level, you don’t get the next password, but you get a private SSH key that can be used to log into the next level. Note: localhost is a hostname that refers to the machine you are working on
Commands you may need to solve this level
ssh, telnet, nc, openssl, s_client, nmap
Solution :
Command to connect remote host : ssh bandit13@bandit.labs.overthewire.org -p 2220
password is ****
.
To access password we need to login as bandit14 and for that the host is localhost. In the directory /home/bandit13 file sshkey.private contains SSH key to login into bandit14.
ssh
command is used to login and execute commands on a remote machine. Option -i
selects a file from which the identity (private key) for RSA or DSA authentication is read and the file sshkey.private
. The command is
ssh -i sshkey.private bandit14@localhost
The password is stored in /etc/bandit_pass/bandit14.
The command is cat /etc/bandit_pass/bandit14
and the password is ****
.
Reference : https://linux.die.net/man/1/ssh https://support.rackspace.com/how-to/logging-in-with-an-ssh-private-key-on-linuxmac/
Bandit Level 14 → Level 15
Level Goal
The password for the next level can be retrieved by submitting the password of the current level to port 30000 on localhost.
Commands you may need to solve this level
ssh, telnet, nc, openssl, s_client, nmap
Solution :
Command to connect remote host : ssh bandit14@bandit.labs.overthewire.org -p 2220 password
is ****
.
netcat
is a simple unix utility which reads and writes data across network connections, using TCP or UDP protocol.
nc
host port creates a TCP connection to the given port on the given target host. Your standard input is then sent to the host, and anything that comes back across the connection is sent to your standard output. The command is
nc localhost 30000
and then enter password of this level. The password for the next level is ****
.
Reference : https://www.commandlinux.com/man-page/man1/nc.1.html
Bandit Level 15 → Level 16
Level Goal
The password for the next level can be retrieved by submitting the password of the current level to port 30001 on localhost using SSL encryption.
Helpful note: Getting “HEARTBEATING” and “Read R BLOCK”? Use -ign_eof and read the “CONNECTED COMMANDS” section in the manpage. Next to ‘R’ and ‘Q’, the ‘B’ command also works in this version of that command…
Commands you may need to solve this level
ssh, telnet, nc, openssl, s_client, nmap
Solution :
Command to connect remote host : ssh bandit15@bandit.labs.overthewire.org -p 2220
password is ****
.
OpenSSL comes with a client tool that you can use to connect to a secure server. The tool is similar to telnet or nc, in the sense that it handles the SSL/TLS layer but allows you to fully control the layer that comes next.
To connect to a server, you need to supply a hostname and a port. For example: $ openssl s_client -connect www.feistyduck.com:443
So our command is
openssl s_client -connect localhost:30001
and then enter password for the current level. The password for the next level is ****
.
Reference : https://www.feistyduck.com/library/openssl-cookbook/online/ch-testing-with-openssl.html
Next Post
Bandit Level 16 to Level 18 Bandit Level 19 to Level 20 Bandit Level 21 to Level 22 Bandit Level 23 → Level 24 Bandit Level 24 → Level 25 Bandit Level 25 to Level 26 Bandit Level 27 to Level 31 Bandit Level 32 → Level 33