Bandit6
Website URL: http://overthewire.org/wargames/bandit/bandit6.html
Log into bandit5 from the password obtained in Bandit5
Reading through the OverTheWire webpage for bandit5, we see:
The password for the next level is stored in a file somewhere under the inhere directory and has all of the following properties:
human-readable
1033 bytes in size
not executable
Let’s run a ls -al command on the inhere directory and see it’s output:
ls -al inhere
Well, it looks like parsing through all those folders will take too much effort. Let’s find out if we can do it using another way. We know that the file itself is 1033 bytes in size. Let’s see if there’s any file of that size. Now, ls -ah gives the output containing the size of the file. So we can use that to find out if there’s a file of 1033 bytes in the hierarchy anywhere.
ls -al inhere/* | grep 1033
There’s only one file of 1033 bytes. But we don’t know the entire path. So, let’s try to get the folder name where the file is stored. Let’s get the output of the ls part of the command but focus on where the file is stored. We can do it by slightly changing the grep part of the command.
ls -al inhere/* | grep 1033 -B 10
Now, we can see that the file is stored in inhere/maybehere07 directory. Let’s use a cat command to get the contents.
cat inhere/maybehere07/.file2We got the password for bandit6