The Bandit war-game is an introductory security game offered by the OverTheWire community (www.overthewire.org). The purpose of the website is to help you to learn security concepts through a variety of fun, website based games.
This series of articles will cover most of the games available on the overthewire site, starting with the Bandit. However, please note that this is only intended as a support for you and I highly encourage everyone to try to solve the games on your own (using only Google), as that is a huge part of the learning process.
The Bandit game is aimed at complete beginners with a goal to teach basics essential for other wargames. To access the game you use the following direct link: https://overthewire.org/wargames/bandit/
Level 0
To play this game we will have to connect a remote host using SSH, and that is what is required from us in the Level 0.
SSH is a cryptographic network protocol that allows us to securely connect to a remote server and perform remote operations using a command-line (follow links listed by overthewire or go to https://www.ssh.com/ssh/ to learn more about ssh).
To make a connections with a remote computer you will need to have SSH set up on your computer (SSH has to be enabled on both ends). On most Linux distributions and Mac OS SSH is installed by default, for Windows you can install Cygwin (during installation select OpenSSH from the Net section).
To check if ssh is installed on your compute, open either terminal (Linux and Mac OS), or Cygwin terminal and use ssh command, you should get a following result:
Okay, if everything is set we can start to tackle the 0 level of the game!
To tackle this level we will have to connect to the host server at bandit.labs.overthewire.org, using port 2220, and login bandit0. To establish a connection we will use the ssh command, using provided host address and credentials:
ssh bandit0@bandit.labs.overthewire.orgas we are asked to use port 2220, and the default one is 22, we will need to use -p option to change the port. The port can be also modified by changing the port directive in /etc/ssh/sshd_config on Linux. Again, you can read more about SSH and its features on www.ssh.com.
ssh bandit0@bandit.labs.overthewire.org -p 2220After this we will be asked for a password that is already provided (bandit0)
At this point we can start working on moving to level 1
Level 0 – Level 1
The password to access level 1 is stored in the readme file located in the home directory. To move there we use bash command cd, and then ls to list the files available in the home directory. The readme file is stored in the bandit0 directory
To read the file we can use any text editor, e.g. vim (vim readme), or simple use cat command (a standard unix utility that reads files sequential returning a standard output).
To move to the next level we need to use the password stored in the readme file and connect to the same host address as in level 0, changing the username to bandit1.
ssh bandit1@bandit.labs.overthewire.org -p 2220Level 1 – Level 2
The password for the next level is also stored in the home directory (bandit1 folder). To move there we use shell command cd, and then ls to list the files available in the home directory and identify the destination folder. The file with password to level 2 is store.d in the file located in the folder /home/bandit1
To open that file we can use cat command, the issue we are facing here is that the file name starts with a dash character (actually the name consists only of a dash). Because of that the standard way we use cat command won’t work. When cat sees such a string used as a file name it treats it as a synonym for stdin. To be able to get around this we need to alter the string that cat sees. We can do it is by using a prefix with a path
cat ./-or by using a full path to the file
cat /home/bandit1/-After executing one of the above commands we will get the password that will let us login to Level 2
Level 2 – Level 3
This level is very similar to the previous one. We need open a file in the bandit2 folder to obtain the password to the next level
cd /home/bandit2The problem we are facing here is that the name contains spaces, making the standard commands not work. To open such files we can use either an escape character \ (added before every space).
cat /home/bandit2/spaces\ in\ this\ filenameor if we are already in the /home/bandit2 directory:
cat spaces\ in\ this\ filenameWe can also just use single or double quote marks
cat 'spaces in this filename'
