Skip to content
Default image

OVERTHEWIRE – BANDIT LEVEL 6 -> LEVEL 7

#OverTheWire - Bandit
May 9, 2022
ssh bandit6@locahost
DXjZPULLxYr17uwoI01bNLQbtFemEgo7

In order to move to the next level we need to find the password stored somewhere on the serve. The only information we have is that the file has 33 bytes exactly, it’s owned by bandit7 and by the group bandit6.

A great opportunity to make use of the find command options. In the previous level we have used the find command with the -type, -size, -executable options, now we will use -user and -group (explained in this post ).

As the file is located somewhere on the server for the path we will start at the root “/” directory.

Searching with the above syntax will return also errors (in this case ‘Permission denied’) and we will have to scroll through them in order to find our file.

We can avoid this by using the 2>/dev/null along with the find command.

find / -user bandit7 -group bandit6 -size 33c 2>/dev/null

2 - stands for standard error (stderr)
> - is a redirection operator

So this command 2>/dev/null will redirect the errors from our search to /dev/null.

And the final step, using cat to see the password.