Exploring OverTheWire: Level 4 to Level 5 - Bandit Challenge

📆 · ⏳ 3 min read · ·

Introduction

As we progress in the Bandit Challenge, Level 5 ↗️ introduces us to the concept of human-readable files. Our objective is to locate and extract the password stored within the only file in the “inhere” directory that is readable by humans.

Challenge Overview:

💡

Level 5 challenges us to identify the sole human-readable file within the “inhere” directory. Our task is to distinguish this file from others that may not be readable by humans.

By utilizing commands like file, ls and cat we’ll navigate the file system, examine file contents, and retrieve the password.

Approach and Strategy

Follow these steps to successfully solve Level 5:

Terminal window
ssh [email protected] -p 2220

Enter the password you obtained from the previous level.

Once logged in, navigate to the “inhere” directory using the cd command:

Terminal window
cd inhere

This allows us to change our working directory.

Display the files and directories within the “inhere” directory using the ls command:

Terminal window
ls -l

This will provide a list of files and directories within the current directory.

Among the listed files, we need to identify the only human-readable file. Human-readable files typically contain plain text that can be easily read by humans.

One approach to identifying the human-readable file is to use the file command. Run the following command:

Terminal window
file ./*

This will display the file types and information for all the files in the directory. The response would look something like this

Terminal window
./-file00: data
./-file01: data
./-file02: data
./-file03: data
./-file04: data
./-file05: data
./-file06: data
./-file07: ASCII text
./-file08: data
./-file09: Non-ISO extended-ASCII text, with no line terminators

Look for the file that has a type indicating it is human-readable, such as “ASCII text” or “UTF-8 Unicode text”. These types suggest that the file contains readable text.

From above response we see the file "./-file07" is of format “ASCII text”.

To view the contents of this file, use the cat command:

Terminal window
cat ./-file07

The password for Level 5 will be displayed in the output. Take note of it for the next level.

Note: If your terminal becomes distorted during the process, use the reset command to restore it to the default settings.

Notes

  • Human-readable files contain text that can be easily read by humans. We can use file ↗️ command to get details about the file.
  • If your terminal becomes distorted, use the “reset” command to restore it.

Conclusion

Congratulations on successfully completing Level 5 of the Bandit Challenge! By exploring the file system and identifying the human-readable file within the “inhere” directory, we obtained the password necessary to progress further.

Stay tuned for the next blog post, where we’ll embark on Level 6 and face new challenges in our quest to become cybersecurity experts.

You may also like

  • Exploring OverTheWire: Level 20 to Level 21 - Bandit Challenge

    Welcome back to our captivating journey through the Bandit Challenge! In this blog post, we're geared up to conquer Level 21, where a setuid binary introduces a novel challenge involving network connections. Join me as we delve into the mechanics of connecting to localhost, reading text, and successfully obtaining the password to proceed. Let's dive in!

  • Exploring OverTheWire: Level 19 to Level 20 - Bandit Challenge

    Welcome back to our thrilling journey through the Bandit Challenge! In this blog post, we're poised to conquer Level 20, where we encounter a setuid binary that holds the key to our progress. Join me as we explore the concept of setuid binaries, learn how to execute them, and successfully uncover the password to continue our journey. Let's dive in!

  • Exploring OverTheWire: Level 18 to Level 19 - Bandit Challenge

    Welcome back to our riveting journey through the Bandit Challenge! In this blog post, we're set to conquer Level 19, where a password is concealed within a file. However, a clever twist awaits us—someone has tampered with the system to log us out during SSH login. Join me as we navigate through this challenge using commands like ssh, ls, and cat, all while devising strategies to overcome the unexpected hurdle. Let's dive in!