Wargame Walkthrough: Bandit Level 5

This is a walkthrough to the bandit wargame made by OverTheWire. It can be found on their website at https://overthewire.org/wargames/bandit

Level 5

Given information: The password is in the inhere directory and is human-readable, 1033 bytes in size, and not executable.

When we log into the level, we see a inhere directory, as to be expected. Navigating into it lets us see that there are twenty other directories in the inhere directory, labeled ‘maybehere[0-19]’.

This is a problem because all of these directories have files, and we need to see the single one that has the right characteristics. Thankfully, there is a command for doing such a thing. This command is ‘find’. This command takes arguments and then finds the thing or things that fit those arguments in the directory you specify. The syntax is as follows: ‘find [directory it is in] -type [type it is, in this case “f” for file] -size [size in bytes with a “c” after] ! -executable’. All of these arguments are subject to what you are looking for, like the way we use arguments for ‘ls’. Some times you might not need to specify the size of the file, or whether or not it is executable, in which case you could leave those ones out. The exclamation point is absolutely essential for this command to work properly; if you try it without it you will never get your result. The exclamation point means ‘not’ in most coding languages, including bash, which is the Linux terminal language. This means every argument we specify after the exclamation point will not be on our target file, such as executability, which we do not want on our target file. Typing this command in full gives us the desired output: the filepath leading to the password.

When we print out the file, (we can do so without even navigating to the directory by specifying the entire filepath to ‘cat’) we see our password neatly printed out in the terminal for us to save in our document.

Just remember that unless you are using a third-party text editor, the basic text editors on Linux (nano, gedit, etc.) do not save automatically. So if you don’t want to lose all your work, hit the save button or Ctrl-s before closing the window. Also, if you want to work on your document and use the terminal at the same time with gedit you can type the edit command as normal, but follow your filename with an ampersand (&) with no space between the filename and the ampersand. This will make the terminal complain, but you will be able to successfully edit the document in one window and work in the terminal in another. Just don’t forget to save before closing!

This wargame can be found on https://overthewire.org/wargames/bandit
Check them out for more wargames and the rest of the levels.