OverTheWire: Bandit Level 14 to Level 15

bandit14_1

Level goal: The password for the next level can be retrieved by submitting the password of the current level to port 30000 on localhost.

Surprisingly, I have already accidentally resolved this level from my previous level’s writeup.

As mentioned in the level 0 introduction page, all level’s passwords are stored in /etc/bandit_pass/ but they can only be accessed by the level’s user themselves.

bandit13_2

Now that we are logged in to bandit14, we can retrieve its password, which is 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e.

Now, we need to submit it to port 30000 on localhost. We can do it using many ways, one of them is netcat.

bandit14@melinda:~$ nc localhost 30000
4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
Correct!
BfMYroe26WYalil77FoDi9qh59eK5xNr

Another way is using telnet, well, either way works. There are many other ways too, let’s not get into that.

bandit14@melinda:~$ telnet localhost 30000
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
Correct!
BfMYroe26WYalil77FoDi9qh59eK5xNr

Connection closed by foreign host.

The password to gain access to the next level is BfMYroe26WYalil77FoDi9qh59eK5xNr.

Advertisements

One thought on “OverTheWire: Bandit Level 14 to Level 15

Leave a Message

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s