Bandit Wargames

Passwords

bandit0

bandit1

boJ9jbbUNNfktd78OOpsqOltutMc3MY1

bandit2

CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9

bandit3

UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK

bandit4

pIwrPrtPN36QITSp3EQaw936yaFoFgAB

bandit5

koReBOKuIDDepwhWk7jZC0RTdopnAYKh

bandit6

DXjZPULLxYr17uwoI01bNLQbtFemEgo7

bandit7

HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs

bandit8

cvX2JJa4CFALtqS87jk27qwqGhBM9plV

bandit9

UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR

bandit10

truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk

bandit11

IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR

bandit12

5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu

bandit13

8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL

bandit14

4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e

bandit15

BfMYroe26WYalil77FoDi9qh59eK5xNr

bandit16

cluFn7wTiGryunymYOu4RcffSxQluehd

bandit18

kfBf3eYk5BPBRzwjqutbbfE887SVc5Yd

bandit19

IueksS7Ubh8G3DCwVzrTd8rAVOwq3M5x

bandit20

GbKksEFF4yrVs6il55v6gwY5aVje5f0j

bandit21

gE269g2h3mw3pwgrj0Ha9Uoqen1c9DGr

bandit22

Yk7owGAcWjwMVRwrTesJEwB7WVOiILLI

bandit23

jc1udXuA1tiHqjIsL8yaapX5XIAI6i0n

bandit24

UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ

bandit25

uNG9O58gUE7snukf3bvZ0rxhtnjzSGzG

bandit26

5czgV9L3Xx8JPOyRbXh6lQbmIOWvPT6Z

bandit27

3ba3118a22e93127a4ed485be72ef5ea

bandit28

0ef186ac70e04ea33b4c1853d2526fa2

bandit29

bbc96594b4e001778eee9975372716b2

bandit30

5b90576bedb2cc04c86a9e924ce42faf

bandit31

47e603bb428404d265f59c42920d81e5

bandit32

56a9bf19c63d650ce78e6ec0354ee45e

bandit33

c9c3199ddf4121b10cf581a98d51caee

In addition to magic bytes, gzip also checks that the file name has the proper file extension
- .gz, -gz, .z, -z, _z
- also supports: .tgz, .taz, .tar.gz, .tar.Z,
bzip2 requires the .bz2 file extension
tar does not require a file extension

Loop through all files/folders in the current directory and display their name/type

bandit4@bandit:~/inhere$ for x in `find . -type f -print`; do file $x; done

./-file09: data

./-file06: data

./-file01: data

./-file02: data

./-file05: data

./-file03: data

./-file08: data

./-file07: ASCII text

./-file04: data

./-file00: data

Find a files owned by a particular user

find / -user <user> 2>/dev/null

Find the lines of text that only occur once

sort data.txt |uniq -u

Decode base64

base64 -d <file with base64 encoded text>

Decode ROT13

cat data.txt |tr a-zA-Z n-za-mN-ZA-M

Convert Hexdump from ASCII back to Binary

xxd -r <ascii file name> <new binary file name>

Extract files (gzip, bzip2, tar)

gzip -d <file>

bzip2 -d <file>

tar -xvf <file>

Submit Data to a Port using SSL Encryption

echo BfMYroe26WYalil77FoDi9qh59eK5xNr | openssl s_client -quiet -connect localhost:30001

SSH using a specific shell

ssh -t <username>@<server> <shell>

e.g.

ssh -p 2220 -t bandit18@bandit.labs.overthewire.org /bin/sh

useful in this level to avoid the autologout set in the .bashrc file
- this is because since we didn't spawn a bash shell (the default) the .bashrc file never gets loaded

Git

git log

show commit logs

git checkout

switch branches or restore working tree files

git branch

show current branch

git branch -a

show all branches

git checkout <branch name>

change to a different branch

git show <commit name>

show the contents of a commit

git reflog

show reference logs

*** there is a .gitignore file which specifies the files that will be ignored and will not be used in any commits or pushes that you try to make to your repository

PreviousLinux file recovery multiple ways Nextview all files in subdirectories

Last updated 2 years ago