OverTheWire Bandit - LVL5 (Completed)

Mike Kobbie Tieku TABIMike Kobbie Tieku TABI
4 min read

Table of contents

The goal for → LVL 5::

Level Goal:

→ The password for the next level is stored in a file somewhere under the inhere directory and has all of the following properties:

  • human-readable

  • 1033 bytes in size

  • not executable

Commands you may need to solve this level:ls , cd , cat , file , find

Explanation:

Password for Bandit5 Access: 4oQYVPkxZOOEOO5pTW81FB8j8lxXGUQw

First, ssh into Bandit Lvl 5. We can do this by entering the following:

ssh bandit5@bandit.labs.overthewire.org -p2220

You’ll then be asked top enter the password for Bandit5. Type it in and press enter (REMEMBER, you wont see the password type out on screen so type it carefully and correctly).

Once this is done you’ll successfully connect.

Much like before we are using the the ls command and cd command to access the inhere directory. As shown in the image below we have many different directories the same start to the name “maybehere”. Now one could go individually through all these directories but that would just be a complete waste of time and energy. Instead what we can do is utilise the find command to help find what matches the properties mentioned in the the goal description.

The find command searches for files and directories within a specified directory and its subdirectories. By running find [path] [expression], you can locate files based on various criteria such as name, type, size, or modification time.

For example, find . -name "*.txt" finds all text files in the current directory and its subdirectories.

  • find: The command used to search for files and directories.

  • .: The path to search in. A single dot (.) represents the current directory.

  • name: An option that specifies you want to search by name.

  • "*.txt": A pattern to match file names. The asterisk (``) is a wildcard that matches any number of characters, so .txt matches all files ending with .txt.

Together, find . -name "*.txt" searches for all files ending in .txt within the current directory and its subdirectories.

It's a powerful tool for managing files, especially on large systems. The command can also perform actions on found files, like deleting or moving them, by adding appropriate options and arguments.

Here are some of the more commonly used options used with the find command:

  • By Name: name [pattern]

    • Description: Finds files and directories that match a specified name pattern.

    • Example: find . -name "*.txt" - Finds all .txt files in the current directory and subdirectories.

  • By Type: type [f/d]

    • Description: Searches for files (f) or directories (d).

    • Example: find /var -type d - Finds all directories in /var.

  • By Size: size [N]

    • Description: Finds files based on their size. +N is larger than N, N is smaller than N, N is exactly N.

    • Example: find . -size +100M - Finds files larger than 100MB.

  • By Modification Time: mtime [N]

    • Description: Finds files modified N days ago. N for less than N days, +N for more than N days.

    • Example: find /tmp -mtime -7 - Finds files modified in the last 7 days in /tmp.

  • By Executable: executable

    • Description: Finds files that are executable.

    • Example: find /usr/bin -executable - Finds all executable files in /usr/bin.

  • Execute Command: exec [command] {} \\;

    • Description: Executes a specified command on each found file. {} is replaced by the file name.

    • Example: find . -name "*.log" -exec rm {} \\; - Finds and deletes all .log files in the current directory and subdirectories.

Based off of the password file properties, we are going to use the type, size and executable options as shown in the image below:

  • human-readable

  • 1033 bytes in size

  • not executable (the question mark means NOT, so we are stating NOT executable → ! -executable)

Command: find . -type f -size 1033c ! -executable

Using the above command has outputted the following file path and file name. Copy and paste that and using the cat command we want to output the contents of the file:

cat ./maybehere07/.file2

The password for Level 6 access is: HWasnPhtq9AVKe0dmk45nxy20cvUa6EG

That is Bandit Level 5 complete, Head over to Bandit Level 6!

0
Subscribe to my newsletter

Read articles from Mike Kobbie Tieku TABI directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Linuxlinux for beginnerslinux-basicslinux-commandsBashbanditoverthewirefind command

Written by

Mike Kobbie Tieku TABI
Mike Kobbie Tieku TABI