Level 3 – 4
To obtain the password to the next level we have to open the file stored in the inhere folder. The problem here is that the file is hidden (which we get to know after using ls command).
bandit4@bandit:~$ cd inhere
bandit4@bandit:~$ ls
To see hidden files, we can use ls command with an -a flag
As there is only one file in this directory we can proceed to open it. To do so we can simply use the cat command. The command returns the password to level 5.
Level 4 – 5
Again, in this level the password is stored in the inhere directory, however this time ls -l command will return a number of files.
The one we are looking for is human-readable. Human-readable files are files that don’t require computer translation (ASCII or similar format vs binary data).
To determine the type of a file we can use file command, let’s try it on the first file
bandit4@bandit:~/inhere$ file ./-file00
./-file00: dataGoing through each file manually could be tedious, to make it faster we can use an asterisk (*, also referred to as splat). When we use it with commands, shell will match any character from that point onward
bandit4@bandit:~/inhere$ file ./-file*
We see that the only file with human readable data is file07. We can access it using cat command to get the password to the next level
Level 5 – 6
This time we will need to find a file stored in the inhere directory that has following properties:
- human-readable
- 1033 bytes in size
- not executable
To do so we move to the correct directory and use the same commands as in the last level:
As we can see all files stored in the inhere directory are actually other directories. Let’s take a look at one of them
Again, going manually through all folders and files would be very tedious, therefore we need to find a better way. We can actually use a command find adding some additional flags. To learn about different attributes that you can use with this file, you can just read the manual using man find command
We will use option -size 1033c to look for files that are 1,033 bytes in size
we are also asked to look for a human-readable file. This term is rather vague but we can try to filter by regular files using –type f option with find command.
Next, we can combine find with xargs and grep commands to scan all folders looking only for text files
Finally to make the file executable we can use ! -executable (exclamation sign to look for non executable).
Whole command:
find -type f ! -executable -size 1033c | xargs file | grep text
You might notice that it would be enough to just look for a file of a right size to find the file with the password, as there is only one file with the correct size (1,033 bytes):
Now the only thing we have to do is to open that file and use the password to get to level 6
