Exploring OverTheWire: Level 13 to Level 14 - Bandit Challenge

📆 · ⏳ 2 min read · ·

Introduction

As we progress further in the Bandit Challenge, Level 14 ↗️ presents us with a unique scenario. Our objective is to obtain a private SSH key stored in a particular location, which will allow us to access the next level.

By utilizing our knowledge of secure connections, cryptographic tools, and SSH keys, we’ll retrieve the private key, configure our connection, and successfully log into the next level.

Challenge Overview

💡

Level 14 challenges us to retrieve a private SSH key that can be used to log into the next level. The password for the next level is stored in a specific location and can only be read by user bandit14.

Our task is to access this location, retrieve the private key, and use it to establish a secure SSH connection to the next level.

Approach and Strategy

Follow these steps to successfully solve Level 14

Terminal window
ssh [email protected] -p 2220

Enter the password you obtained from the previous level.

Once logged in, retrieve the private SSH key by copying its contents using the cat command

Terminal window
cat sshkey.private

Create a directory under /tmp to store the SSH key and move into it using cd.

Terminal window
mkdir /tmp/sshkey && cd /tmp/sshkey

Create a file named id_rsa and paste the contents of the private key into it. Choose your preferred text editor to create the file. Here I am using vi.

Terminal window
vi id_rsa

Set the permissions of the id_rsa file to 600.

Terminal window
chmod 600 id_rsa

Log in to the next level using SSH and the private key.

Terminal window
ssh bandit14@localhost -p 2220 -i id_rsa

The -i flag specifies the identity (private key) to be used for authentication.

Once logged in, find the password for the next level by using the cat command to read the contents of the /etc/bandit_pass/bandit14 file.

Terminal window
cat /etc/bandit_pass/bandit14

This will display the password for Level 14. Take note of it for the next level.

Conclusion

Congratulations on successfully completing Level 14 of the Bandit Challenge! By retrieving the private SSH key, configuring your local machine, and establishing a secure SSH connection, you have gained access to the next level. Our understanding of secure connections and cryptographic tools has expanded, enhancing our cybersecurity skills.

Stay tuned for the next blog post, where we’ll tackle Level 15 and face new challenges in our quest to become proficient cybersecurity practitioners.

You may also like

  • Exploring OverTheWire: Level 20 to Level 21 - Bandit Challenge

    Welcome back to our captivating journey through the Bandit Challenge! In this blog post, we're geared up to conquer Level 21, where a setuid binary introduces a novel challenge involving network connections. Join me as we delve into the mechanics of connecting to localhost, reading text, and successfully obtaining the password to proceed. Let's dive in!

  • Exploring OverTheWire: Level 19 to Level 20 - Bandit Challenge

    Welcome back to our thrilling journey through the Bandit Challenge! In this blog post, we're poised to conquer Level 20, where we encounter a setuid binary that holds the key to our progress. Join me as we explore the concept of setuid binaries, learn how to execute them, and successfully uncover the password to continue our journey. Let's dive in!

  • Exploring OverTheWire: Level 18 to Level 19 - Bandit Challenge

    Welcome back to our riveting journey through the Bandit Challenge! In this blog post, we're set to conquer Level 19, where a password is concealed within a file. However, a clever twist awaits us—someone has tampered with the system to log us out during SSH login. Join me as we navigate through this challenge using commands like ssh, ls, and cat, all while devising strategies to overcome the unexpected hurdle. Let's dive in!