OverTheWire Bandit Level 5->Level 6 - Walkthrough

Introduction

In this article, I will be giving you a walkthrough to the Bandit wargame Level 5->Level 6. We will be using the "find" command with its different options and try to find the required file.

OverTheWire Bandit Solutions

The player is required to find the required file based on given conditions and then fetch the password. We will notice the use of multiple options in one command to find the file.

Goal

Get the password for Level 6 from a file present in "inhere" directory among many other files present in each sub-directory that fulfills the below 3 criteria-:

• human-readable
• 1033 bytes in size
• not executable

Login Details

Server - bandit.labs.overthewire.org
Port - 2220
Username - bandit5
Password - lrIWWI6bB37kxficQZqUdOIYfr6eEeqR

Theory

Run the ls command to see many directories present in the "inhere" directory. Each of the visible directory has many files present in them. file command was used in Level 5 and can work efficiently for small number of files.

In this level, there are many files and it is very easy to lose the overview if searching with the file command. Instead, we will be utilizing the file command along with the find command and finding the required file.

Here are the options of file command used to clear this level-:

• . - Denotes the current directory from where the find command should start its search. We can also write the absolute path here.
• -type - signifies the type of file to search for. 'f' for file and 'd' for directory. Here we have used "-type f".
• -size - denotes the size of the file based on which the search is performed. Here, we have used "-size 1033c". The character 'c' at the end is to denote bytes. Please go through this thread to know about this option used with find command.
• ! -executable - This tells that the file should be "not executable".
• -exec command {} \; - This option will execute the command mentioned on all the files that it finds. Here, we have used "-exec file {} \;" which executes the file command on the files.

I would recommend you to go through this article on GeeksForGeeks to know about the various options used with find command. Also go through this thread on unix stack exchange to know more about the options.

Solution

SSH into the user bandit5 using the command "ssh bandit5@bandit.labs.overthewire.org -p 2220" and the above password. Navigate to the directory "inhere" and use the command ls to see the directories present.

Get in one of the directory and we can see that there are many files present.

Now, type the command "find . -type f -size 1033c ! -executable -exec file {} \;". This will give us the file that is of size 1033 bytes, not executable and human-readable.

Type the command "cat maybehere07/.file2" to get the password.

This completes the Level 6 as we have got the password. Please post your doubts or suggestions in the comment section.