Post

OverTheWire: Bandit Level 3 → Level 4

OverTheWire - Bandit

Level Goal

The password for the next level is stored in a hidden file in the inhere directory.

Commands you may need to solve this level

ls, cd, cat, file, du, find

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
> whatis ls                                                                           
ls (1)          - list directory contents  

> whatis cd  
cd  (1)         - change working directory  

> whatis cat                                                                                                       
cat (1)         - concatenate files and print on the standard output  

> whatis file  
file (1)        - determine file type  

> whatis du    
du (1)          - estimate file space usage  

> whatis find  
find (1)        - search for files in a directory hierarchy

Note: All commands don’t have to be used to complete level

Helpful Reading Material

15 Basic ‘ls’ Command Examples for Linux Beginners

Solution

View the files that are present in the current working directory using the ls command

1
2
bandit3@bandit:~$ ls  
inhere

Move into the inhere/ directory. This can be done using the cd command

1
bandit3@bandit:~$ cd inhere/

View files that are in the directory using the ls command. Since we know the file is hidden we have to use the -a flag to view hidden files.

(For more information on the ls command and its various flags refer to man ls or ls --help )

1
2
bandit3@bandit:~/inhere$ ls -a  
.  ..  .hidden

View the content of the .hidden file using the cat command

1
2
bandit3@bandit:~/inhere$ cat .hidden  
pIwrPrtPN36QITSp3EQaw936yaFoFgAB

We have found the password for the next level !!

Logout of the current session and use the password of user bandit4 to access the next level

1
2
3
4
> ssh bandit4@bandit.labs.overthewire.org -p 2220  
This is a OverTheWire game server. More information on http://www.overthewire.org/wargames

bandit4@bandit.labs.overthewire.org's password: pIwrPrtPN36QITSp3EQaw936yaFoFgAB
This post is licensed under CC BY 4.0 by the author.