DEV Community

loading...
Cover image for Bandit CTF - 1 to 5 Challenges WriteUp

Bandit CTF - 1 to 5 Challenges WriteUp

Rémi Lavedrine
Software Dev turned Security Dev. Follow me on dev.to, twitch.tv/shostarsson or wildnsecure.com
Updated on ・2 min read

Knowing where to start when I'm interested in offensive computer security can be tricky.
Should you read a book (s)? Read as many articles as possible? Make a formation ? Watch videos on Youtube?

There are many possibilities.

But beyond all this, it is certain that at one time or another nothing will replace practice.

This is when the CTF (Capture The Flag) becomes your best ally to put into practice everything you have learned.
OverTheWire CTFs are intended for beginners. But it is in this that they are extremely rewarding because they allow Security Engineers but also Software Engineers to understand the challenges of IT security.
Indeed, the first challenges are oriented on the exploitation of vulnerabilities via simple bash commands.

I suggest you do these challenges and explain how to solve the challenges of this CTF. The idea is more to understand how a command works and how to use all its possibilities to carry out a vulnerability exploitation on the system.

We start with the first 5 challenges:

Video with French Audio & English Subtitles


If you want to read the writeup without the voice over, here are all the writeups (for the 5 first challenges).


Bandit Level 0 -> 1
ssh bandit0@bandit.labs.overthewire.org -p 2220
Use bandit0 as the password

Read the readme file

more readme
Enter fullscreen mode Exit fullscreen mode

Flag : boJ9jbbUNNfktd78OOpsqOltutMc3MY1


Bandit Level 1 -> 2
ssh bandit1@bandit.labs.overthewire.org -p 2220
Use the boJ9jbbUNNfktd78OOpsqOltutMc3MY1 flag as the password.

Create a directory in /tmp with

mktemp -d /tmp/ploptipXXXX
Enter fullscreen mode Exit fullscreen mode

Return : /tmp/ploptipfmHI

Move the - file to that directory while modifying the name to a more "normal" one.

mv - /tmp/ploptipfmHI/flag.txt
Enter fullscreen mode Exit fullscreen mode

Flag : CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9


Bandit Level 2 -> 3
ssh bandit2@bandit.labs.overthewire.org -p 2220
Use the CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9 flag as the password.

Read the spaces in this filename file

more spaces\ in\ this\ filename
Enter fullscreen mode Exit fullscreen mode

Flag : UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK


Bandit Level 3 -> 4
ssh bandit3@bandit.labs.overthewire.org -p 2220
Use the UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK flag as the password.

The flag is in a hidden file.
Use the ls -a command to display all files.

.hidden file is revealed.

ls -la
more .hidden
Enter fullscreen mode Exit fullscreen mode

Flag : pIwrPrtPN36QITSp3EQaw936yaFoFgAB


Bandit Level 4 -> 5
ssh bandit4@bandit.labs.overthewire.org -p 2220
Use the pIwrPrtPN36QITSp3EQaw936yaFoFgAB flag as the password.

We are using a recursive cat on all the files that are in the folder.hidden/

cat ./-file00 etc...
Enter fullscreen mode Exit fullscreen mode

You can do that super quickly through cat ./-file0*

Flag : koReBOKuIDDepwhWk7jZC0RTdopnAYKh


If you have any question, feel free to ask and I'll do my best to answer it and help you grow.


If you like this content, push the like button, that helps spread the message. 👍🏼
If you think it can be useful to anyone in your network, share it. 📨


Video produced by Wild & Secure, your consulting firm to all things security and real estate.
If you want to receive weekly quality content about security, subscribe to our newsletter on our website.

Discussion (0)