Level goal: The password for the next level can be retrieved by submitting the password of the current level to port 30000 on localhost.
Surprisingly, I have already accidentally resolved this level from my previous level’s writeup.
As mentioned in the level 0 introduction page, all level’s passwords are stored in /etc/bandit_pass/ but they can only be accessed by the level’s user themselves.
Now that we are logged in to bandit14, we can retrieve its password, which is 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e.
Now, we need to submit it to port 30000 on localhost. We can do it using many ways, one of them is netcat.
[email protected]:~$ nc localhost 30000 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e Correct! BfMYroe26WYalil77FoDi9qh59eK5xNr
Another way is using telnet, well, either way works. There are many other ways too, let’s not get into that.
[email protected]:~$ telnet localhost 30000 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e Correct! BfMYroe26WYalil77FoDi9qh59eK5xNr Connection closed by foreign host.
The password to gain access to the next level is BfMYroe26WYalil77FoDi9qh59eK5xNr.