Exploring OverTheWire: Level 1 to Level 2 - Bandit Challenge

📆 · ⏳ 2 min read · ·

Introduction

As we advance in the Bandit Challenge, Level 2 ↗️ presents us with a peculiar file name. Our objective is to locate and extract the password stored in a file with a dashed filename within the home directory.

Challenge Overview

💡

Level 2 introduces us to a file with a special name containing a hyphen "-". Our task is to identify and access this file, which holds the password for the next level.

We’ll leverage commands such as “ls,” “cd,” and “cat” to navigate the file system, examine the contents of the file, and uncover the password.

Approach and Strategy

Log in to Level 1 using SSH with the following command:

Terminal window
ssh [email protected] -p 2220

Enter the password you obtained from the previous level.

After logging in, execute the following command to view the files in the home directory:

Terminal window
ls -a

This command reveals hidden files, denoted by filenames beginning with a dot.

Among the files, you will find the one with the dashed filename. To view its contents, use the cat command:

Terminal window
cat ./-

The "./-" specifies the file with the dashed filename.

The password for Level 2 will be displayed in the output. Make a note of it for the next level.

Lessons Learned

Level 2 enhanced our file navigation skills and introduced us to special characters in filenames. We learned to use the “ls” command with options to reveal hidden files and successfully accessed a file with a dashed filename.

These skills are valuable in real-world scenarios where file naming conventions might deviate from the norm.

Notes

  • When encountering special characters in filenames, use "./" before the filename to ensure proper interpretation.

Conclusion

Congratulations on completing Level 2 of the Bandit Challenge! We skillfully maneuvered through a file system containing a file with a unique dashed filename.

By using essential commands and understanding the impact of special characters, we successfully extracted the password. We’re one step closer to mastering cybersecurity!

Stay tuned for the next blog post, where we’ll explore Level 3 and face new challenges in our quest for cybersecurity expertise.

You may also like

  • Exploring OverTheWire: Level 20 to Level 21 - Bandit Challenge

    Welcome back to our captivating journey through the Bandit Challenge! In this blog post, we're geared up to conquer Level 21, where a setuid binary introduces a novel challenge involving network connections. Join me as we delve into the mechanics of connecting to localhost, reading text, and successfully obtaining the password to proceed. Let's dive in!

  • Exploring OverTheWire: Level 19 to Level 20 - Bandit Challenge

    Welcome back to our thrilling journey through the Bandit Challenge! In this blog post, we're poised to conquer Level 20, where we encounter a setuid binary that holds the key to our progress. Join me as we explore the concept of setuid binaries, learn how to execute them, and successfully uncover the password to continue our journey. Let's dive in!

  • Exploring OverTheWire: Level 18 to Level 19 - Bandit Challenge

    Welcome back to our riveting journey through the Bandit Challenge! In this blog post, we're set to conquer Level 19, where a password is concealed within a file. However, a clever twist awaits us—someone has tampered with the system to log us out during SSH login. Join me as we navigate through this challenge using commands like ssh, ls, and cat, all while devising strategies to overcome the unexpected hurdle. Let's dive in!