OvertheWire – Bandit 18

Recap of Last LessonUsed Nmap to scan ports and receive an RSA private key.

Bandit Level 18

Objective

Find the password to the next level

Intel Given

  • There are 2 files in the homedirectory: passwords.old and passwords.new. The password for the next level is in passwords.new and is the only line that has been changed between passwords.old and passwords.new
  • NOTE: if you have solved this level and see ‘Byebye!’ when trying to log into bandit18, this is related to the next level, bandit19

(more…)

OvertheWire – Bandit 17

Recap of Last LessonLearned about ports, telnet, and openssl

Bandit Level 17

Objective

Find the password to the next level

Intel Given

  • The password for the next level can be retrieved by submitting the password of the current level to a port on localhost in the range 31000 to 32000.
  • First find out which of these ports have a server listening on them. Then find out which of those speak SSL and which don’t. There is only 1 port that will give the next password, the others will simply send back to you whatever you send to it.

(more…)

OvertheWire – Bandit 16

Recap of Last LessonTelnet was used to connect to a remote service and a password for the current level was entered to give us the next levels password.

Bandit Level 16

Objective

Find the password to the next level

Intel Given

  • The password for the next level can be retrieved by submitting the password of the current level to port 30001 on localhost using SSL encryption.
  • Helpful note: Getting “HEARTBEATING” and “Read R BLOCK”? Use -quiet and read the “CONNECTED COMMANDS” section in the manpage. Next to ‘R’ and ‘Q’, the ‘B’ command also works in this version of that command…

(more…)