Level 5 -> Level 6

The goal of this level is to find out the file which is human readable, 1033 bytes in size, not executable in the inhere directory and get the password of next level.

So now, firstly we will check the files and folders of the current directory in which we are by using ls command. Simple ls command is used to list out all the files and folder of the directory in which the user is present. A directory named inhere is present in the current directory in which we are. We will jump into this directory using cd command.

Again, using ls command, we will check files and directories present in inhere directory. We found 20 different directories and it will be difficult for us to check each file in each directory to find required file.

du command short for disk usage, is used to estimate file space usage. We can find the size of each and every file using du -ab command. But again, it is difficult for us to find the file of size 1033 bytes in all these files.

We need the file of size 1033 bytes so we can use file ./ -size 1033c command. ./ is used to access all the files of each and every directory and c is used for size in bytes. This command will display only that file which has size 1033 bytes.

After running the command we found that the required file is in maybehere07 directory and the file name is .file2 , we will jump into the maybehere07 directory using cd command and then read the content of file using simple cat command.

We got the password…

Use the command ssh bandit6@localhost to connect to the level 6.

Enter the password and hit enter.

Successfully passed level 6.…

Level 6 -> Level 7

The goal of this level is to find out the file somewhere on the server, which is owned by user bandit7, owned by group banit6, 33 bytes in size and get the password of next level.

Here, find command will be very used for us. find command is used to search and locate the list of files and directories based on conditions we specify for files that match the arguments. It can be used in a variety of conditions like we can find files by permissions, users, groups, file type, date, size, and other possible criteria.

Here in this level we are provided with user name, group and size so, we can use command find / -user bandit7 -group bandit6 -size 33c

Found the location of the required file: /var/lib/dpkg/info/ and the file name is bandit7.password

Using cat command we will read the content of the fill i.e. the password.

We got the password…

Use the command ssh bandit7@localhost to connect to the level 7.

Enter the password and hit enter.

Successfully passed level 7.…

Level 7 -> Level 8

The goal of this level is to read the content of data.txt file and get the password which is next to the word millionth for next level.

Using cat command, we can easily display the content of data.txt file, but it contains many different words and corresponding password. Password which is useful for us is next to the word millionth.

Here, grep command is useful for us. The grep filter searches a file for a particular pattern of characters, and displays all lines that contain that pattern. It allows us to find and print the results for whole words only. To search for a particular word in all files in the current directory, append –w to the grep command.

So, to search for word millionth we can use command as: grep -w millionth data.txt

Password for next level is next to this word.

Use the command ssh bandit8@localhost to connect to the level 8.

Enter the password and hit enter.

Successfully passed level 8.…

Level 8 -> Level 9

The goal of this level is to read the content of data.txt file and get the password which is the only line of text that occurs only once in the file.

Using cat command, we can easily display the content of data.txt file and using uniq -u we can find out the unique line. Instead of cat, sort command can be used which sorts the file assuming the content are ASCII. It will make easy to find the unique line. Sort is similar to cat command the only difference is that sort arrange the record in particular order.

Here, we can use command sort data.txt | uniq -u

| is used to switch from one command to the other.

Use the command ssh bandit9@localhost to connect to the level 9.

Enter the password and hit enter.

Successfully passed level 9.…

Level 9 -> Level 10

The goal of this level is to read the content of data.txt file and get the password which is in one of the few human-readable strings, beginning with several ‘=’ characters.

The strings command returns each string of printable characters in files. Its main uses are to determine the contents of and to extract text from binary files (i.e., non-text files).

Grep “characters” command is useful to find the string beginning with particular characters.

So, the command used is strings data.txt | grep “==”

Use the command ssh bandit10@localhost to connect to the level 10.

Enter the password and hit enter.

Successfully passed level 10.…

Keep learning :-)

Thank you!!!

Digital forensics enthusiast | Cyber security | Bug hunter | Java | Python | Analyzer