OverTheWire-Bandit CTF

0. sshpass -f filename ssh bandit0@bandit.overthewire.labs.org -p 2220

   ssh bandit0@bandit.overthewire.labs.org -p 2220

1. cat ./-file dashed file

2. find . -type f | xargs file
   man xargs

• bandit5@bandit:~/inhere$ ls | xargs cat
  cat: maybehere00: Is a directory
  cat: maybehere01: Is a directory
  cat: maybehere02: Is a directory
  cat: maybehere03: Is a directory

• cat ‘spaces files’

• cat /space/files

• find . -type f -size 1033c ! -executable . can be iglected

6. find / -type f -user bandit7 -group bandit6 -size 33c

7. cat data.txt | grep ‘millionth’

8. sort data.txt | uniq -c
   cat data.txt | sort | uniq -c | grep -v ‘10’

9. strings data.txt | grep ‘=’

10. echo ‘VGhlIHBhc3N3b3JkIGlzIDZ6UGV6aUxkUjJSS05kTllGTmI2blZDS3pwaGxYSEJNCg’ | base64 -d

11. echo ‘Gur cnffjbeq vf WIAOOSFzMjXXBC0KoSKBbJ8puQm5lIEi’ | rot13

12 xxd -r data.txt > something
file someting
mv something something.gz
gunzip something.gz
bunzip2
tar -xf
ls -l

13 ssh -i sshkey.private bandit14@localhost -p 2220

14 nc localhost port

15 cat /etc/bandit_pass/bandit15 | openssl s_client -connect localhost 30000 -ign_eof

16 nmap -T4 -p31000-32000 localhost
cat /ect/bandit_pass/ bandit17 | openssl s_client -connect localhost 3xxxx -ign_eof

nano bandit17 private key

chmod 600 bandit
ssh -i bandit17 bandit17@bandit.overthewire.labs.org -p 2220

quit vi :q!

17 diff password.new password.old

18 sshpass -f bandit18 ssh bandit18@bandit.labs.overthewire.org -p 2220 ‘cat readme’

19 ./bandit20-do id
./bandit20-do cat /etc/bandit_pass/bandit20

20 nc -lvp 8888
passwd

./suconnect 8888

21 cd /etc/cron.d
cat cronjob_bandit22
cat /usr/bin/cronjob_bandit22.sh
cat /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv

22 cd /etc/cron.d
cat cronjob_bandit23
cat /usr/bin/cronjob_bandit23.sh
echo “I am user bandit23” |md5sum | cut -d ’ ’ -f1
cat /tmp/8ca319486bfbbc3663ea0fbe81326349

23 cd /etc/cron.d ???

24 nano loops.sh

#!/bin/bash 
for i in {000.9999}
do
echo "PasswordOfBandit24 $i"
done

chmod 777 loops.sh
loops.sh > loops.txt
cat loops.txt | nc localhost 30002

25 v
:r /etc/bandit_pass/bandit26

26 v
:set shell=/bin/bash
:shell
bandit26:
./bandit27-do cat /etc/bandit_pass/bandit27

27/28/29
git clone ssh://bandit27-git@localhost:2220/home/bandit27-git/repo
got repo
git log # check the log
git branch -a
git show
git checkout
git reflog

30. git tag
    git show

31 git log
nano key.txt
git add key.txt -f
git status
git commit -m “added key.txt file”
git push

32 $0
cat /etc/bandit_pass_bandit33