Exploring OverTheWire: Level 17 to Level 18 - Bandit Challenge

📆 · ⏳ 2 min read · ·

Introduction

As we continue our ascent in the Bandit Challenge, Level 18 ↗️ presents us with a unique challenge. We’re faced with two files, and our task is to identify the password that has been changed between them.

Challenge Overview

💡

Level 18 challenges us to compare two files, passwords.old and passwords.new, and identify the password that has been changed between them. Our goal is to locate the single line within passwords.new that differs from the corresponding line in passwords.old.

By using commands like cat, grep, and diff, we’ll successfully uncover the password and advance to the next level.

Approach and Strategy

Remember in previous level we did not get a password but instead got a private SSH key. We will use that key to login to this level.

Login to SSH by providing the private key using the -i flag.

Terminal window
ssh [email protected] -p 2220 -i sshkey.private

Now, we will use the diff command to compare the contents of the two files and identify the changed line

Terminal window
diff passwords.new passwords.old --suppress-common-lines --side-by-side

This command will display the differences between the two files.

The --suppress-common-lines flag will suppress the common lines between the two files, and the --side-by-side flag will display the output in a side-by-side format.

Since we want to pick the password from the new file, we will take the password from the left side of the output. Take note of it for the next level.

Notes

  • The diff ↗️ command is used to compare the contents of two files.
  • Pay close attention to the output of the diff command to identify changed lines.

Conclusion

Congratulations on successfully completing Level 18 of the Bandit Challenge! By comparing the contents of two files and identifying the changed line, we uncovered the password for the next level.

Stay tuned for the next blog post, where we’ll take on Level 19 and continue our journey to become proficient cybersecurity practitioners.

You may also like

  • Exploring OverTheWire: Level 20 to Level 21 - Bandit Challenge

    Welcome back to our captivating journey through the Bandit Challenge! In this blog post, we're geared up to conquer Level 21, where a setuid binary introduces a novel challenge involving network connections. Join me as we delve into the mechanics of connecting to localhost, reading text, and successfully obtaining the password to proceed. Let's dive in!

  • Exploring OverTheWire: Level 19 to Level 20 - Bandit Challenge

    Welcome back to our thrilling journey through the Bandit Challenge! In this blog post, we're poised to conquer Level 20, where we encounter a setuid binary that holds the key to our progress. Join me as we explore the concept of setuid binaries, learn how to execute them, and successfully uncover the password to continue our journey. Let's dive in!

  • Exploring OverTheWire: Level 18 to Level 19 - Bandit Challenge

    Welcome back to our riveting journey through the Bandit Challenge! In this blog post, we're set to conquer Level 19, where a password is concealed within a file. However, a clever twist awaits us—someone has tampered with the system to log us out during SSH login. Join me as we navigate through this challenge using commands like ssh, ls, and cat, all while devising strategies to overcome the unexpected hurdle. Let's dive in!