The first eleven levels go through several basic unix commands that you will find beneficial. Don't fret, the fun commands are coming up just after this. I am using a Mac device, which allows for the SSH command as MacOS is unix-based. I will actually write a blogpost about my preference of Mac devices and make a case for why M1/M2 Mac devices are some of the most productive for the current cyber security workload. Windows now includes SSH within the terminal on Windows 10 & 11. If you are on Windows 7(sheeeeesh), you will need to download and use the PuTTY, which allows for OpenSSH connections. A useful unix tip for any command you do not understand is to simply type in "man <command>", which will define the command and any options available. Use "q" to leave the manual.
You will use SSH to connect to the Bandit game severs and meddle around.
Some common commands we will use include:
ls - List directory contents
cd - Change directory
mkdir - make new directory
mv - move files
cat - concatenate and print files
file - determine file type
find - attempts to descend directory locating expression
grep - file pattern searcher
The goal of this level is to gain a better understanding of how SSH/OpenSSH is used to gain access to a remote login client. If access is gained, this allows us to perform commands on
We will use the SSH command to gain access to the remote login of the bandit game.
We will use the command ssh <user@hostname> - p #### to capture the "flag" and find the password for level 1.
The username, hostname and port number is all provided on overthewire.org. As we progress levels, the username emulates the same number as the level.
For the hopeless (we've all been there), I'll include the answer for the this level.
ssh bandit0@bandit.labs.overthewire.org -p 2220
pw: bandit0
The goal of this level is to read a file named "readme", located in the home directory. The SSH command we used in level 0 will be used again to enter the bandit game server.
Once we have connected to host, we will use the two commands to find the second flag. We will use "ls" to list directory contents and "cat" to print the readme file.
'cat readme' will provide the password for level 2.
Level 1-2 is similar to level 0-1, except we will see how to read files that aren't as simple to print as the previous readme file.
The file we need to read is named "-". If we use 'cat -', we will get an error.
To read a file that starts with a dash, we will include "./" before the file name. For example: /cat ./--legos
Similar to level 1-2, except this time we will attempt to read a file that has spaces in it. Like I mentioned, levels 0 - 11 are some basic unix commands, but don't worry, the rush is on the way.
To read files with spaces, we will simply type the name of the file within quotations. For example: cat "hi world"
Level 3 - 4 is where we will start understanding why command lines are considered powerful for administration and security.
We need to find a hidden file in the inhere directory, which contains our flag. We will need to use the cd, cat and find commands to gain the password.
We will use "cd" to change directory to inhere. The find command will come in handy here. Use "find -H" to find any hidden files within the directory. Once we have located the hidden file, use "cat" to read the hidden file and capture the flag.