OverTheWire: Bandit Level 13 to Level 14

bandit13_1

Level goal: The password for the next level is stored in /etc/bandit_pass/bandit14 and can only be read by user bandit14. For this level, you don’t get the next password, but you get a private SSH key that can be used to log into the next level. Note: localhost is a hostname that refers to the machine you are working on

 

This level tests us on an essential skills on navigating around various servers using SSH protocol – to login without a password. Many organisations use this method of accessing their servers as they will not be prone to brute force password attack.

To access the next level, simple login using the sshkey.private which was provided to you on the root directory using the following command:

bandit13@melinda:~$ ssh -i ./sshkey.private bandit14@localhost

Next, if you really want to know the password, you can read it from the /etc/bandit_pass/bandit14 path. As mentioned in the level 0 introduction page, all level’s passwords are stored in that path but they can only be accessed by the level’s user themselves.

bandit13_2

The password to gain access to the next level is 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e.

Advertisements

2 thoughts on “OverTheWire: Bandit Level 13 to Level 14

Leave a Message

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s