Bandit Walkthrough – Level 14

Level Description

http://www.overthewire.org/wargames/bandit/bandit15.shtml

This level teaches you how to send information to a specific port on a device. The information we need to send is bandit14’s password (which is now readable to us).

Hint

If you recall from the last level, the password for bandit14 is located in /etc/bandit_pass/ – you will need to read the password out of this and pass it to port 30000 on the localhost. I did this utilizing netcat, but after talking a friend I found it could also be done through Telnet. Pick your poison and read up!

Solution	Select Show
Once again this is a pretty straight forward solution. Personally I used netcat because it is the first thing that came to mind. I’ll show you the command for that, then I’ll explain how to do it using Telnet. If you are doing these games to become more familiar with security work, I’d suggest reading up on netcat as it is an extremely useful tool for security work. If you are doing these games just to be more familiar with the command line and various Linux commands, Telnet might be more useful in the long run for you. Netcat – The following command will read the password out of the bandit14 file, then pass the output to the netcat (nc) command. The nc command connects to the localhost on port 30000 and sends it the text that it got from the cat command. In return you will get back the password for the next level. [$]-> cat /etc/bandit_pass/bandit14 \| nc localhost 30000 Telnet – First you must read the contents of the password file, then copy those contents to your local clipboard. Once you have the password you want to connect to port 30000 on the localhost. Once connected you will paste the password and press enter to send it. You will be rewarded with the password for bandit15. [$]-> cat /etc/bandit_pass/bandit14 [$]-> telnet localhost 30000 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e The password for bandit15 is: BfMYroe26WYalil77FoDi9qh59eK5xNr

Solution

Show

Once again this is a pretty straight forward solution. Personally I used netcat because it is the first thing that came to mind. I’ll show you the command for that, then I’ll explain how to do it using Telnet. If you are doing these games to become more familiar with security work, I’d suggest reading up on netcat as it is an extremely useful tool for security work. If you are doing these games just to be more familiar with the command line and various Linux commands, Telnet might be more useful in the long run for you.

Netcat – The following command will read the password out of the bandit14 file, then pass the output to the netcat (nc) command. The nc command connects to the localhost on port 30000 and sends it the text that it got from the cat command. In return you will get back the password for the next level.

[$]-> cat /etc/bandit_pass/bandit14 | nc localhost 30000

Telnet – First you must read the contents of the password file, then copy those contents to your local clipboard. Once you have the password you want to connect to port 30000 on the localhost. Once connected you will paste the password and press enter to send it. You will be rewarded with the password for bandit15.

[$]-> cat /etc/bandit_pass/bandit14
[$]-> telnet localhost 30000
4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e

The password for bandit15 is: BfMYroe26WYalil77FoDi9qh59eK5xNr

Kerberized: A Mac Administration and General Security Blog

Bandit Walkthrough – Level 14

Level Description

Hint

One thought on “Bandit Walkthrough – Level 14”

Leave a comment Cancel reply