OverTheWire: Bandit Level 14 to Level 15

Level goal: The password for the next level can be retrieved by submitting the password of the current level to port 30000 on localhost.

Surprisingly, I have already accidentally resolved this level from my previous level’s writeup.

As mentioned in the level 0 introduction page, all level’s passwords are stored in /etc/bandit_pass/ but they can only be accessed by the level’s user themselves.

Now that we are logged in to bandit14, we can retrieve its password, which is 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e.

Now, we need to submit it to port 30000 on localhost. We can do it using many ways, one of them is netcat.

bandit14@melinda:~$ nc localhost 30000

Another way is using telnet, well, either way works. There are many other ways too, let’s not get into that.

bandit14@melinda:~$ telnet localhost 30000
Connected to localhost.
Escape character is '^]'.

Connection closed by foreign host.

The password to gain access to the next level is BfMYroe26WYalil77FoDi9qh59eK5xNr.

kongwenbin: I am a security enthusiast, penetration tester and bug hunter who has a great passion in the area of information security. I love to share. Please feel free to leave a comment on my posts. Learning never stops!
Related Post