Exploring OverTheWire: Level 18 to Level 19 - Bandit Challenge

📆 · ⏳ 2 min read · ·

Introduction

As we progress further in the Bandit Challenge, Level 19 ↗️ presents us with an intriguing challenge. Our objective is to retrieve a password hidden within a file. However, this challenge comes with a twist—the system has been tampered with to automatically log us out during SSH login.

Challenge Overview

💡

Level 19 challenges us to retrieve the password stored in a file named readme located in the home directory. However, the system’s .bashrc file has been modified to log us out automatically upon SSH login.

Our task is to employ commands that allow us to bypass this restriction, access the file, and retrieve the password.

Approach and Strategy

Follow these steps to successfully solve Level 19

Terminal window
ssh [email protected] -p 2220

Enter the password you obtained from the previous level.

Notice that the system logs you out automatically due to the modified .bashrc file. To bypass this automatic logout, use the -t flag to allocate a pseudo-terminal.

With this we will directly run the cat readme command to display the contents of the readme file.

Terminal window
ssh [email protected] -p 2220 -t "cat readme"

This command will force the allocation of a pseudo-terminal and execute the cat readme command. The password for the next level will be displayed. Take a note of it for next level.

Notes

  • The -t flag can be used to allocate a pseudo-terminal during SSH login. This is useful when the system has been modified to log you out automatically during SSH login.

Conclusion

Congratulations on successfully completing Level 19 of the Bandit Challenge! This was a very interesting problem and by leveraging the -t flag we were able to solve it. Our ability to adapt and strategize in challenging scenarios has grown, enhancing our cybersecurity prowess.

Stay tuned for the next blog post, where we’ll tackle Level 20 and continue our journey to become skilled cybersecurity practitioners.

You may also like

  • Exploring OverTheWire: Level 20 to Level 21 - Bandit Challenge

    Welcome back to our captivating journey through the Bandit Challenge! In this blog post, we're geared up to conquer Level 21, where a setuid binary introduces a novel challenge involving network connections. Join me as we delve into the mechanics of connecting to localhost, reading text, and successfully obtaining the password to proceed. Let's dive in!

  • Exploring OverTheWire: Level 19 to Level 20 - Bandit Challenge

    Welcome back to our thrilling journey through the Bandit Challenge! In this blog post, we're poised to conquer Level 20, where we encounter a setuid binary that holds the key to our progress. Join me as we explore the concept of setuid binaries, learn how to execute them, and successfully uncover the password to continue our journey. Let's dive in!

  • Exploring OverTheWire: Level 17 to Level 18 - Bandit Challenge

    Welcome back to our captivating journey through the Bandit Challenge! In this blog post, we're set to conquer Level 18, where our mission is to identify the password that has been changed between two files. Join me as we explore file comparisons, employ commands like cat, grep, and diff, and successfully uncover the password to progress further. Let's dive in!