What is it? @.@

Here is the place where I record some tactics about wargame, systems, and other security issues.

2014-01-23

OverTheWire - Bandit - Level 6 to Level 7

Description:

Level Goal
The password for the next level is stored somewhere on the server and has all of the following properties:
owned by user bandit7
owned by group bandit6
33 bytes in size
Commands you may need to solve this level
ls, cd, cat, file, du, find, grep
Solution:
  1. [Comment] Using SSH to connect the server
  2. sp@simple-plan:~|=> ssh bandit6@bandit.labs.overthewire.org
    ...
    bandit6@bandit.labs.overthewire.org's password: DXjZPULLxYr17uwoI01bNLQbtFemEgo7
  3. [Comment] Using find command to find the specific file
  4. [Comment] owned by user bandit7 : -user bandit7 option
  5. [Comment] owned by group bandit6 : -group bandit6 option
  6. [Comment] 33 bytes in size : -size 33c option
  7. [Comment] We use grep command to help us to ignore error messages
  8. bandit6@melinda:~$ find / -user bandit7 -group bandit6 -size 33c 2>&1 | grep -v -F Permission
    /var/lib/dpkg/info/bandit7.password
  9. [Comment] Using cat command to output file's contents
  10. bandit6@melinda:~$ cat /var/lib/dpkg/info/bandit7.password
    HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs
  11. [Comment] Using exit command to disconnect connection to server
  12. bandit6@melinda:~$ exit
    logout
    Connection to bandit.labs.overthewire.org closed.
  13. [Comment] It's done! Saving the password for next level.
Reference:
sshhttp://linuxcommand.org/man_pages/ssh1.html
lshttp://linuxcommand.org/man_pages/ls1.html
cathttp://linuxcommand.org/man_pages/cat1.html
exithttp://linuxcommand.org/man_pages/logout1.html
cdhttp://linuxcommand.org/lc3_man_pages/cdh.html
findhttp://linuxcommand.org/man_pages/find1.html
grephttp://linuxcommand.org/lc3_man_pages/grep1.html

3 comments:

  1. please can you explain this term "2>&1" , I' m not able to get I tried searching for this. I got a rough idea what don't know how it works and what does it mean. thanks in advance.

    ReplyDelete
    Replies
    1. Funny you should be asking in 2014, the same time I discovered overthewire.org

      Well the explanation is the "2" is the error output the command would dump into your display. The ">" says send this "2" data(wich is error or STDERR data) somewhere. The "&" tells the shell that the next input will not be a filename. The "1" is the place the shell will send the "2"(STDERR/error) data to, in this case to "1" or STDIN/Input location.

      I tried to break it down, I hope that makes sense. It is not a perfect explanation, but begs to break down each character and it's approximate function. Have fun1

      Delete
  2. why not type 2>/dev/null instead ?

    ReplyDelete