Posts

Showing posts from November, 2020

Bandit 8 Over The Wire

Lessons Learned: how to sort strings, then find the only unique string in a file.

Logging in
On a Kali VM / Linux machine, type:

    ssh bandit8@bandit.labs.overthewire.org -p 2220
    cvX2JJa4CFALtqS87jk27qwqGhBM9plV

Completing The Challenge
The Goal: password for next level located in the file data.txt and is the only line of text that occurs only once

The Solution:

    bandit8@bandit:~$ ls
    data.txt
    bandit8@bandit:~$ sort data.txt | uniq -c | grep '1 '
          1 UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR

sort sorts the lines in a file, which groups identical lines together
uniq returns only one of each unique line
-c is a counter: it prefixes each line with the number of times it occurs
grep searches for a string
'1 ' avoids any line whose count doesn't end in 1, specifically it keeps any line where the count ends with a one followed by a space
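The grep '1 ' filter works on this level's data, but it also keeps counts such as 11 or 21. The added example below (not from the original post) runs the post's pipeline next to two stricter variants on constructed sample data; the function names and the sample lines are assumptions made for the illustration.

```shell
#!/bin/sh
# Constructed sample input (not the real data.txt):
# "alpha" occurs 11 times, "bravo" twice, "charlie" exactly once.
make_sample() {
    i=0
    while [ "$i" -lt 11 ]; do
        echo "alpha"
        i=$((i + 1))
    done
    printf '%s\n' bravo charlie bravo
}

# The pipeline from the post: keeps every line of `uniq -c` output that
# contains "1 ", so a count of 11 ("     11 alpha") slips through too.
loose_match() {
    sort | uniq -c | grep '1 '
}

# Stricter: `uniq -u` prints only lines that are not repeated in sorted input.
only_once() {
    sort | uniq -u
}

# Same idea, but testing the count column itself. Assumes the lines contain
# no whitespace (true for password-style strings), so $2 is the whole line.
count_is_one() {
    sort | uniq -c | awk '$1 == 1 { print $2 }'
}

echo "grep '1 ' keeps:"
make_sample | loose_match
echo "uniq -u keeps:"
make_sample | only_once
echo "awk count check keeps:"
make_sample | count_is_one
```
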

Bandit 7 Over The Wire

Lessons Learned: the grep command searches for strings in a file; it outputs the entire line containing the searched string.

Logging in
On a Kali VM / Linux machine, type:

    ssh bandit7@bandit.labs.overthewire.org -p 2220
    HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs

Completing The Challenge
The Goal: password for next level located in the file data.txt next to the word millionth

The Solution:

    bandit7@bandit:~$ ls
    data.txt
    bandit7@bandit:~$ grep millionth data.txt
    millionth cvX2JJa4CFALtqS87jk27qwqGhBM9plV

grep is essentially a string search that returns the line in a file where the string is found
grep takes modifiers and the word it's searching for first
the file should be the final input to a grep search

Bandit 6 Over The Wire

Lessons learned: find has modifiers for user, group, and size, and can execute a command on found files.

Logging into Bandit 6
On a Kali VM / Linux machine, type:

    ssh bandit6@bandit.labs.overthewire.org -p 2220
    DXjZPULLxYr17uwoI01bNLQbtFemEgo7

Completing The Challenge
The Goal: password for next level located in a file somewhere in the server and has all of the following properties:
owned by user bandit7
owned by group bandit6
33 bytes in size

The Solution:

    bandit6@bandit:~$ find / -user bandit7 -group bandit6 -size 33c 2>/dev/null
    /var/lib/dpkg/info/bandit7.password
    bandit6@bandit:~$ find / -user bandit7 -group bandit6 -size 33c 2>/dev/null -exec cat {} +
    HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs

using what we learned previously we know how to get size
an easy way to look for modifiers, if you already have an idea of what you're looking for, is to do:

    man CMD | grep MOD

this pipes/lets grep read the output of the man page and then look for certain strings
in this case i looked ...

Bandit 5 Over The Wire

Lessons learned: find has a size modifier.

Logging into Bandit 5
On a Kali VM / Linux machine, type:

    ssh bandit5@bandit.labs.overthewire.org -p 2220
    koReBOKuIDDepwhWk7jZC0RTdopnAYKh

Completing The Challenge
The Goal: password for next level located in a file somewhere under the inhere directory and has all of the following properties:
human-readable
1033 bytes in size
not executable

The Solution:
My Solution:

    bandit5@bandit:~$ ls
    inhere
    bandit5@bandit:~$ cd inhere/
    bandit5@bandit:~/inhere$ find -size 1033c
    ./maybehere07/.file2
    bandit5@bandit:~/inhere$ file maybehere07/.file2
    maybehere07/.file2: ASCII text, with very long lines
    bandit5@bandit:~/inhere$ cat maybehere07/.file2
    DXjZPULLxYr17uwoI01bNLQbtFemEgo7

use find -size 1033c to find all files of size 1033 bytes
since there is only one, check that it is human readable and read it

A much better Solution:

    find . -type f -size 1033c ! -executable -exec file {} + | grep ASCII

picked from terdon on...

Bandit 4 Over The Wire

Lessons learned: file tells you what type of data is found in a file; ./* will act on all files in a folder.

Logging into Bandit 4
On a Kali VM / Linux machine, type:

    ssh bandit4@bandit.labs.overthewire.org -p 2220
    pIwrPrtPN36QITSp3EQaw936yaFoFgAB

Completing The Challenge
The Goal: password for next level located in the only human-readable file in the inhere directory

The Solution:

    bandit4@bandit:~$ ls
    inhere
    bandit4@bandit:~$ cd inhere/
    bandit4@bandit:~/inhere$ ls
    -file00 -file02 -file04 -file06 -file08
    -file01 -file03 -file05 -file07 -file09
    bandit4@bandit:~/inhere$ file ./*
    ./-file00: data
    ./-file01: data
    ./-file02: data
    ./-file03: data
    ./-file04: data
    ./-file05: data
    ./-file06: data
    ./-file07: ASCII text
    ./-file08: data
    ./-file09: data
    bandit4@bandit:~/inhere$ cat ./-file07
    koReBOKuIDDepwhWk7jZC0RTdopnAYKh

the file command tells you what kind of file a certain file is, the...

Bandit 3 Over The Wire

Lessons learned: prepending a . to a file name "hides" it.

Logging into Bandit 3
On a Kali VM / Linux machine, type:

    ssh bandit3@bandit.labs.overthewire.org -p 2220
    UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK

Completing The Challenge
The Goal: password for next level located in a hidden file in the inhere directory

The Solution:

    bandit3@bandit:~$ ls
    inhere
    bandit3@bandit:~$ cd inhere/
    bandit3@bandit:~/inhere$ ls
    bandit3@bandit:~/inhere$ ls -a
    . .. .hidden
    bandit3@bandit:~/inhere$ cat .hidden
    pIwrPrtPN36QITSp3EQaw936yaFoFgAB

Sometimes it's easier to copy the terminal. But let me explain:
ls lists files in the current directory.
the - is a modifier for the previous command.
ls -a displays all files, including hidden ones.
the . is the current directory
the .. is the parent (previous) directory
and .hidden is the hidden file
files that start with a . are automagically hidden from a normal ls

Bandit 2 Over The Wire

Lessons learned: \ allows for recognition of spaces in names.

Logging into Bandit 2
On a Kali VM / Linux machine, type:

    ssh bandit2@bandit.labs.overthewire.org -p 2220
    CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9

Completing The Challenge
The Goal: password for next level located in a file called spaces in this file name in the home directory

The Solution:
The beauty of Linux, and of most operating systems, is the TAB autocomplete:

    cat spaces\ in\ this\ filename

*Remember: spaces in the terminal specify a new value; by placing a backslash before a space you tell the terminal that this space is not for that.

Password: UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK

In case you haven't noticed, my descriptions are not great, but they should work for the most part.

Bandit 1 Over The Wire

Lessons learned: ./ lets you avoid special characters.

Logging into Bandit 1
On a Kali VM / Linux machine, type:

    ssh bandit1@bandit.labs.overthewire.org -p 2220
    boJ9jbbUNNfktd78OOpsqOltutMc3MY1

Completing Challenge 0
The Goal: password for next level located in a file called - in the home directory

The Solution:
from now on assume you are starting in your own home directory unless told otherwise:

    cat ./-

*Remember: in Linux some symbols, and sometimes names, can be a reference to an actual in/output, so to specify in a terminal that you want to interact with the value that exists in the current directory you need to add a './'

Password: CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9

Bandit 0 Over The Wire

Lessons learned: cat to read files.

Logging into Bandit 0
On a Kali VM / Linux machine, type:

    ssh bandit0@bandit.labs.overthewire.org -p 2220
    yes
    bandit0

Or:

    ssh bandit0@bandit.labs.overthewire.org -p 2220
    bandit0

Completing Challenge 0
The Goal: password for next level located in a file called readme in the home directory

The Solution:
when logged in, verify the login location; if not located at ~$ then:

    cd ~
    cat readme

*Remember: TAB auto-completes

Password: boJ9jbbUNNfktd78OOpsqOltutMc3MY1