OverTheWire Bandit Level 17->Level 18 - Walkthrough

Cybersecurity - OverTheWire Bandit Solutions
OverTheWire Bandit Solutions
Introduction

In this post, I will be giving you a walkthrough to the Bandit wargame Level 17->Level 18. The player is required to use the command "diff" to clear this level. We will also use the nano editor to save the private key file received in the previous level.

Goal

There are 2 files in the home directory: passwords.old and passwords.new. The password for the next level is in passwords.new and is the only line that has been changed between passwords.old and passwords.new.

Login Details

Server - bandit.labs.overthewire.org
Port - 2220
Username - bandit17
Password - NA

Theory

The private key file received in the previous level needs to be saved in a file in the /tmp folder. To create a file, use the command as "nano filename" which will open the file if it exists or create a new one if it does not exists. Please read about the various editors available in Linux and use as per your convenience.
diff stands for difference and is used to compare the contents of two files and display the differences between them by comparing line by line. The syntax for the command is "diff [option] file1 file2".

Solution

Copy the private key file received in the previous level and paste the contents in a new file in the /tmp folder. Type the below commands to create the private key file-:

  • mkdir /tmp/bandit17sshkey
  • cd /tmp/bandit17sshkey
  • nano bandit17.private

Paste the contents in the file editor and press ctrl+o then Enter and then ctrl+x to save the file.

Now, modify the permissions of the bandit17.private file in order to connect to the server. Without modifying, the connection will fail as the private keys should be secured. Type the below commands to change the permissions and connect to the server-:
  • chmod 600 bandit17.private
  • ssh -i bandit17.private bandit17@localhost -p 2220

Therefore, we are logged into the bandit17 user. Type the below command to get the password-:

  • diff passwords.old passwords.new

The new password is printed in the second line. This clears the level 18 walkthrough. Please post your doubts and questions in the comment section.

Comments

Popular Posts