Given: The password for the next level is stored in a file somewhere under the inhere directory and has all of the following properties:
human-readable
1033 bytes in size
not executable
Commands you may need to solve this level
ls, cd, cat, file, du, find
→ ssh into bandit5, for bandit6 password it is given that it is
- human-readable (ASCII format) or use the flag -readable ;
- 1033 bytes in size = use flag -size along with the mentioned size i.e.
- c — bytes
- w — two-byte words
- k — Kilobytes
- M — Megabytes
- G — Gigabytes
- Bytes— 512-byte blocks (this is the default if no suffix is used)
here we have the size in bytes, so use SYNTAX: -size 1033c
3. not executable- use Syntax: “! -executable” || or check it using perm flag
Finally, the steps are:
Step 1: ssh into bandit5
Step 2: ls -la to view the content of the pwd
bandit5@bandit:~$ ls -la
total 24
drwxr-xr-x 3 root root 4096 May 7 2020 .
drwxr-xr-x 41 root root 4096 May 7 2020 ..
-rw-r — r — 1 root root 220 May 15 2017 .bash_logout
-rw-r — r — 1 root root 3526 May 15 2017 .bashrc
drwxr-x — — 22 root bandit5 4096 May 7 2020 inhere
-rw-r — r — 1 root root 675 May 15 2017 .profile
Step 3: change directory to inhere using the cd command
bandit5@bandit:~$ cd inhere/
Step 4: use ls -la to view the content of the directory
bandit5@bandit:~/inhere$ ls -la
total 88
drwxr-x — — 22 root bandit5 4096 May 7 2020 .
drwxr-xr-x 3 root root 4096 May 7 2020 ..
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere00
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere01
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere02
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere03
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere04
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere05
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere06
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere07
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere08
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere09
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere10
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere11
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere12
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere13
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere14
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere15
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere16
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere17
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere18
drwxr-x — — 2 root bandit5 4096 May 7 2020 maybehere19
// It is going to be a lot of hard work if you check it manually, this is where the commands & flags like -size, -executable & find comes into play
Step 5: use the command “ find -size 1033c -readable ! -executable ”
bandit5@bandit:~/inhere$ find -size 1033c -readable ! -executable
./maybehere07/.file2
Step 6: cat this file to see the bandit6 password
bandit5@bandit:~/inhere$ cat ./maybehere07/.file2
DXjZPULLxY**********QbtFemEgo7
:) Yay, we have leveled up to Bandit6