Open in app

Sign in

Write

Sign in

OverTheWire: Bandit Level 1

Akash Ambashankar
2 min readNov 26, 2020

In the last post, we successfully logged into bandit0.

The that Bandit works is, once you login to a user (say, bandit0), you need to perform certain tasks to obtain the password of next user (say, bandit1). Then, using SSH, we can login to the next user.

So now that we’re in bandit0, lets figure out the password for bandit1.

Level 1

The task for Level 1 is to figure out the password of bandit1 from bandit0.

Since we’re already logged into bandit0, we can start looking for the password.

To get the instructions for this level, head on over to the Level 0 → Level 1 page.

Level Goal

The password for the next level is stored in a file called readme located in the home directory. Use this password to log into bandit1 using SSH. Whenever you find a password for a level, use SSH (on port 2220) to log into that level and continue the game.

Commands you may need to solve this level

ls, cd, cat, file, du, find

So we now know that the password we are looking for is in a file called readme. Let’s first find out what’s in our current directory.

We can do this by using the command ls in our terminal.

bandit0@bandit:~$ ls
readme

We see that there is a file named readme. To view the contents of the file, we use the command cat, followed by the name of the file we want to read.

bandit0@bandit:~$ cat readme
boJ9jbbUNNfktd78OOpsqOltutMc3MY1

According to the instructions, the readme file contains the password for the next level, bandit1. So lets assume the password for bandit1 is boJ9jbbUNNfktd78OOpsqOltutMc3MY1.

Lets try logging into bandit1 using the password we have just obtained.

To login to bandit1, we have to logout of bandit0 first.

We can do this using the command logout.

bandit0@bandit:~$ logout
Connection to bandit.labs.overthewire.org closed.

And now, we have to login to bandit1, just like we logged into bandit0, using SSH.

$ ssh bandit1@bandit.labs.overthewire.org -p 2220
This is a OverTheWire game server. More information on http://www.overthewire.org/wargamesbandit1@bandit.labs.overthewire.org’s password:

Paste the password that we just got (again, you won’t see any response, but your password should have been pasted), and press enter.

And you should be logged into bandit1!

Happy Hacking!

Blogging
Hacking
Hacking Tools
Ctf
Overthewire

--

--

Akash Ambashankar

Written by Akash Ambashankar

2 Followers

CS Master’s at Concordia University, Canada

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams