Mike’s Blog
OverTheWire Bandit - LVL1 (Completed)

OverTheWire Bandit - LVL1 (Completed)

Mike Kobbie Tieku TABI's photo
Mike Kobbie Tieku TABI
·

2 min read

Table of contents

The goal for → LVL 1::

Level Goal:

→ The password for the next level is stored in a file called readme located in the home directory. Use this password to log into bandit1 using SSH. Whenever you find a password for a level, use SSH (on port 2220) to log into that level and continue the game.

TIP: Create a file for notes and passwords on your local machine!

NOTE: Passwords for levels are not saved automatically. If you do not save them yourself, you will need to start over from bandit0.

NOTE: Passwords also occasionally change. It is recommended to take notes on how to solve each challenge. As levels get more challenging, detailed notes are useful to return to where you left off, reference for later problems, or help others after you’ve completed the challenge.

Commands you may need to solve this level:

ls , cd , cat , file , du , find

https://www.tecmint.com/special-character-filenames-linux/#Dashed_Filename_in_Linux

Explanation:

Password for Bandit1: ZjLjTmM6FvvyRnrb2rfNWOZOTa6ip5If

Using what we learned from the last lesson, ssh into Bandit Lvl 1. We can do this by entering the following:

ssh bandit1@bandit.labs.overthewire.org -p2220

You’ll then be asked top enter the password for Bandit1. Type it in and press enter (REMEMBER, you wont see the password type out on screen so type it carefully and correctly). Once this is done you’ll successfully connect:

Now, we have already been told what file the password for the next level is located in so lets start looking for this by using the ls command.

Strange all we see is a “-”. Well, this is actual name of a file, known as a dashed filename.

Dashed Filename in Linux:

For more information on Dashed Filenames, please visit the link below:

https://linux-tips.com/t/dashed-filename-in-linux/188

Dashed filename in Linux

In short, using a “-” for a filename is perfectly legal to do in the Linux world, though legality doesnt equate to good practice. In Linux, command options usually start with a “-”, so if you decide to access the file called “-”, the system will assume you are trying to type a command option and simply haven't completed it.

So to avoid this confusion, we can do 1 of 2 things:

  1. Redirection from stdin (standard input):

    cat **<** -file_name

    so… cat < -

  2. Prefix the path of the file using ./. The ./ prefix indicates that the filename follows, ensuring that the file named - in the current directory is interpreted as a filename and not as an option to the cat command: cat ./-

As you can see below I have used both to get the same output:

Our Level 2 password is: 263JGJPfgU6LtdEvgfWU1XP5yac29mFx

That is Bandit Level 1 complete, Head over to Bandit Level 2!

linux for beginnerslinux-basicslinux-commandsLinuxoverthewire