@ Si|V|P1e P14n f0r H4ck3r: OverTheWire - Bandit

Description:

Level Goal

The password for the next level is stored in /etc/bandit_pass/bandit14 and can only be read by user bandit14. For this level, you don't get the next password, but you get a private SSH key that can be used to log into the next level.
Note: localhost is a hostname that refers to the machine you are working on

Commands you may need to solve this level

ssh, telnet, nc, openssl, s_client, nmap

Helpful Reading Material

SSH/OpenSSH/Keys

Solution:

[Comment] Using SSH to connect the server
sp@simple-plan:~|=> ssh bandit13@bandit.labs.overthewire.org
...
bandit13@bandit.labs.overthewire.org's password: 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL
[Comment] Using ls command to list directory contents
bandit13@melinda:~$ ls
sshkey.private
[Comment] Using cat command to output file's contents
bandit13@melinda:~$ cat sshkey.private
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAxkkOE83W2cOT7IWhFc9aPaaQmQDdgzuXCv+ppZHa++buSkN+
gg0tcr7Fw8NLGa5+Uzec2rEg0WmeevB13AIoYp0MZyETq46t+jk9puNwZwIt9XgB
ZufGtZEwWbFWw/vVLNwOXBe4UWStGRWzgPpEeSv5Tb1VjLZIBdGphTIK22Amz6Zb
ThMsiMnyJafEwJ/T8PQO3myS91vUHEuoOMAzoUID4kN0MEZ3+XahyK0HJVq68KsV
ObefXG1vvA3GAJ29kxJaqvRfgYnqZryWN7w3CHjNU4c/2Jkp+n8L0SnxaNA+WYA7
jiPyTF0is8uzMlYQ4l1Lzh/8/MpvhCQF8r22dwIDAQABAoIBAQC6dWBjhyEOzjeA
J3j/RWmap9M5zfJ/wb2bfidNpwbB8rsJ4sZIDZQ7XuIh4LfygoAQSS+bBw3RXvzE
pvJt3SmU8hIDuLsCjL1VnBY5pY7Bju8g8aR/3FyjyNAqx/TLfzlLYfOu7i9Jet67
xAh0tONG/u8FB5I3LAI2Vp6OviwvdWeC4nOxCthldpuPKNLA8rmMMVRTKQ+7T2VS
nXmwYckKUcUgzoVSpiNZaS0zUDypdpy2+tRH3MQa5kqN1YKjvF8RC47woOYCktsD
o3FFpGNFec9Taa3Msy+DfQQhHKZFKIL3bJDONtmrVvtYK40/yeU4aZ/HA2DQzwhe
ol1AfiEhAoGBAOnVjosBkm7sblK+n4IEwPxs8sOmhPnTDUy5WGrpSCrXOmsVIBUf
laL3ZGLx3xCIwtCnEucB9DvN2HZkupc/h6hTKUYLqXuyLD8njTrbRhLgbC9QrKrS
M1F2fSTxVqPtZDlDMwjNR04xHA/fKh8bXXyTMqOHNJTHHNhbh3McdURjAoGBANkU
1hqfnw7+aXncJ9bjysr1ZWbqOE5Nd8AFgfwaKuGTTVX2NsUQnCMWdOp+wFak40JH
PKWkJNdBG+ex0H9JNQsTK3X5PBMAS8AfX0GrKeuwKWA6erytVTqjOfLYcdp5+z9s
8DtVCxDuVsM+i4X8UqIGOlvGbtKEVokHPFXP1q/dAoGAcHg5YX7WEehCgCYTzpO+
xysX8ScM2qS6xuZ3MqUWAxUWkh7NGZvhe0sGy9iOdANzwKw7mUUFViaCMR/t54W1
GC83sOs3D7n5Mj8x3NdO8xFit7dT9a245TvaoYQ7KgmqpSg/ScKCw4c3eiLava+J
3btnJeSIU+8ZXq9XjPRpKwUCgYA7z6LiOQKxNeXH3qHXcnHok855maUj5fJNpPbY
iDkyZ8ySF8GlcFsky8Yw6fWCqfG3zDrohJ5l9JmEsBh7SadkwsZhvecQcS9t4vby
9/8X4jS0P8ibfcKS4nBP+dT81kkkg5Z5MohXBORA7VWx+ACohcDEkprsQ+w32xeD
qT1EvQKBgQDKm8ws2ByvSUVs9GjTilCajFqLJ0eVYzRPaY6f++Gv/UVfAPV4c+S0
kAWpXbv5tbkkzbS0eaLPTKgLzavXtQoTtKwrjpolHKIHUz6Wu+n4abfAIRFubOdN
/+aLoRQ0yBDRbdXMsZN/jvY44eM+xRLdRVyMmdPtP8belRi2E2aEzA==
-----END RSA PRIVATE KEY-----
[Comment] Using SSH with -i option to connect the server without password
bandit13@melinda:~$ ssh -i ./sshkey.private bandit14@localhost
Could not create directory '/home/bandit13/.ssh'.
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is 91:b4:28:0b:9a:4d:0c:b6:39:1f:8f:68:89:4a:ce:92.
Are you sure you want to continue connecting (yes/no)? yes
[Comment] Fetch out the password for next level
bandit14@melinda:~$ cat /etc/bandit_pass/bandit14
4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
[Comment] Using exit command to disconnect connection to server
bandit14@melinda:~$ exit
logout
Connection to localhost closed.
[Comment] It's done! Saving the password for next level.

Reference:

ssh http://linuxcommand.org/man_pages/ssh1.html

ls http://linuxcommand.org/man_pages/ls1.html

cat http://linuxcommand.org/man_pages/cat1.html

exit http://linuxcommand.org/man_pages/exit1.html

cd http://linuxcommand.org/lc3_man_pages/cdh.html

find http://linuxcommand.org/man_pages/find1.html

grep http://linuxcommand.org/lc3_man_pages/grep1.html

sort http://linuxcommand.org/lc3_man_pages/sort1.html

uniq http://linuxcommand.org/man_pages/uniq1.html

strings http://linuxcommand.org/man_pages/strings1.html

base64 http://linux.die.net/man/1/base64

tr http://linuxcommand.org/man_pages/tr1.html

alias http://linuxcommand.org/man_pages/alias1.html

mkdir http://linuxcommand.org/man_pages/mkdir1.html

cp http://linuxcommand.org/man_pages/cp1.html

xxd http://linuxcommand.org/man_pages/xxd1.html

file http://linuxcommand.org/man_pages/file1.html

mv http://linuxcommand.org/man_pages/mv1.html

gzip http://linuxcommand.org/man_pages/gzip1.html

bzip2 http://linuxcommand.org/man_pages/bzip21.html

tar http://linuxcommand.org/man_pages/tar1.html

@ Si|V|P1e P14n f0r H4ck3r

What is it? @.@

Some Stuff

2014-01-23

OverTheWire - Bandit - Level 13 to Level 14

No comments:

Post a Comment

ssh	http://linuxcommand.org/man_pages/ssh1.html
ls	http://linuxcommand.org/man_pages/ls1.html
cat	http://linuxcommand.org/man_pages/cat1.html
exit	http://linuxcommand.org/man_pages/exit1.html
cd	http://linuxcommand.org/lc3_man_pages/cdh.html
find	http://linuxcommand.org/man_pages/find1.html
grep	http://linuxcommand.org/lc3_man_pages/grep1.html
sort	http://linuxcommand.org/lc3_man_pages/sort1.html
uniq	http://linuxcommand.org/man_pages/uniq1.html
strings	http://linuxcommand.org/man_pages/strings1.html
base64	http://linux.die.net/man/1/base64
tr	http://linuxcommand.org/man_pages/tr1.html
alias	http://linuxcommand.org/man_pages/alias1.html
mkdir	http://linuxcommand.org/man_pages/mkdir1.html
cp	http://linuxcommand.org/man_pages/cp1.html
xxd	http://linuxcommand.org/man_pages/xxd1.html
file	http://linuxcommand.org/man_pages/file1.html
mv	http://linuxcommand.org/man_pages/mv1.html
gzip	http://linuxcommand.org/man_pages/gzip1.html
bzip2	http://linuxcommand.org/man_pages/bzip21.html
tar	http://linuxcommand.org/man_pages/tar1.html