OverTheWire: Bandit Level 14 to Level 15

bandit14_1

Level goal: The password for the next level can be retrieved by submitting the password of the current level to port 30000 on localhost.

Surprisingly, I have already accidentally resolved this level from my previous level’s writeup.

As mentioned in the level 0 introduction page, all level’s passwords are stored in /etc/bandit_pass/ but they can only be accessed by the level’s user themselves.

bandit13_2

Now that we are logged in to bandit14, we can retrieve its password, which is 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e.

Now, we need to submit it to port 30000 on localhost. We can do it using many ways, one of them is netcat.

bandit14@melinda:~$ nc localhost 30000
4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
Correct!
BfMYroe26WYalil77FoDi9qh59eK5xNr

Another way is using telnet, well, either way works. There are many other ways too, let’s not get into that.

bandit14@melinda:~$ telnet localhost 30000
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
Correct!
BfMYroe26WYalil77FoDi9qh59eK5xNr

Connection closed by foreign host.

The password to gain access to the next level is BfMYroe26WYalil77FoDi9qh59eK5xNr.


One Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.