OverTheWire: Bandit Walkthrough Level [31–34] :-)

4 min readOct 9, 2020

Level 30-> Level 31

The goal of this level is to access a git repository at ssh://bandit30-git@localhost/home/bandit30-git/repo. The password for the user bandit30-git is the same as for the user bandit30. We need to clone the repository at our local computer and find the password for the next level.

This level is same as level 28,29,30. Follow first three steps of level 28/29/30.

Steps to follow after completing first three steps:

1. Check the files present in repo.

2. README.md file is present. When we cat README.md file we found a text “just an empty file… muahaha”

3. Check for the branch if present. But no branch present.

4. Tags may be present. Tag operation allows giving meaningful names to a specific version in the repository. Check for the tags using command git tag.

5. One tag is present and named as secret. It may give us the password. Use command git show secret to display what content is tagged.

6. Our password was tagged as secret.

Use the command ssh bandit31@localhost to connect to the level 31.

Enter the password and hit enter.

Successfully passed level 31.…

Level 31-> Level 32

The goal of this level is to access a git repository at ssh://bandit31-git@localhost/home/bandit31-git/repo. The password for the user bandit31-git is the same as for the user bandit31. We need to clone the repository at our local computer and find the password for the next level.

This level is same as level 28,29,30.31. Follow first three steps of level 28/29/30/31.

Steps to follow after completing first three steps:

1. Check the files present in repo.

2. README.md file is present. When we cat README.md file we found a text

“This time your task is to push a file to the remote repository.

Details:

File name: key.txt

Content: ‘May I come in?’

Branch: master”

3. Hence, we need to create a key.txt file and add the line ‘May I come in?’ into this file and add this file into the remote repository. Commands used are shown in the snapshot.

4. OOPS!!! We are unable to add the file to the repository because the paths are ignored by some .gitignore file.

5. Cat .gitignore file. The .gitignore file specified intentionally untracked files to ignore. We can remove the .gitignore file first then push the file to the repository again.

6. Use command rm .gitignore to remove the file.

7. Now, again add the file key.txt.

8. Use command git commit -m “My file” to commit the change.

9. And use command git push origin master for branch.

10. Use the password of bandit31.

Use the command ssh bandit32@localhost to connect to the level 32.

Enter the password and hit enter.

Successfully passed level 32.…

Level 32-> Level 33

Once logged in to the level 32, we are welcomed by the message “WELCOME TO THE UPPERCASE SHELL”. Now, our goal is to figure out how to use commands in this shell.

Each command that we type is converted into uppercase and hence it did not work. Getting idea from man sh I got to know that $0 can be used to invoke the Bash.

Using ls -la we found that user bandit32 has escalated its privileges to bandit33.

Now, the next step is very easy.

We can simply use command cat /etc/bandit_pass/bandit33 to get the password.