bandit

< >: Replace

( ) : Read only

--> : Return key

Level	Hint	Command
level0		`$ cat readme`
level1	show dashed file	`$ cat ./-`
level2	spaced file name	`$ cat 'spaces in this filename'`
level3	hidden file	`$ cat inhere/.hidden`
level4	find ascii file	`$ file ./* \| grep ASCII` `$ cat inhere/-file07`
level5	find file with size	`$ ls -l $(find ./ -type f) \| grep '1033'` `$ cat inhere/maybehere07/.file2`
level6	find file with user	`$ find / -print -ls \| grep 'bandit7'` `$ cat /var/lib/dpkg/info/bandit7.password`
level7	find word	`$ cat data.txt \| grep millionth`
level8	find non-repeated	`$ sort data.txt \| uniq -u`
level9	find words	`$ strings data.txt \| grep '='`
level10	decode data	`$ base64 -d data.txt`
levle11	decipher data	`$ cat data.txt \| tr 'a-zA-Z' 'n-za-mN-ZA-M'`
level12	convert, extract data	`$ xxd -r data.txt hello.bin` `$ zcat hello.bin \| bzcat \| zcat \| tar xO \| tar xO \| bzcat \| tar xO \| zcat \| file -`
level13	save sshkey to host	`$ cat sshkey.private` `(login level14: chmod 600 <sshkey> && ssh -i <sshkey> host@machine)`
level14	telnet	`$ cat /etc/bandit_pass/bandit14 (show l14 key)` `$ telnet localhost 30000 (--> paste l14 key)`
level15	ssh with ssl	`$ openssl s_client -connect localhost:30001 (--> paste l15 key)`
level16	find port, ssh ssl	`$ nmap -p31000-32000 localhost` `$ openssl s_client -connect localhost:<port> (--> paste l16 key)`
level17	find difference	`$ cat /etc/bandit_pass/bandit17 (show l17 key)` `$ diff passwords.new passwords.old`
level18	ssh with cmd	`$ ssh -p 2220 [email protected] cat readme`
level19	exec as other user	`$ ./bandit20-do cat /etc/bandit_pass/bandit20`
level20	two ssh	`$ nc -lp 1213 (--> paste l20 key)` `$ ./suconnect 1213 (in other terminal)`
level21	read script	`$ cat /etc/cron.d/cronjob_bandit22` `$ cat /usr/bin/cronjob_bandit22.sh (show tmp_new_dir)` `$ cat /tmp/<tmp_new_dir>`
level22	read script	`$ cat /etc/cron.d/cronjob_bandit23` `$ (echo I am user bandit23 \| md5sum \| cut -d ' ' -f 1) (generate tmp_new_dir)` `$ cat /tmp/<tmp_new_dir>`
level23	write script	`$ mkdir /tmp/<name>` `$ chmod 777 /tmp/<name>` `$ cat -e "#!/bin/bash \ncat /etc/bandit_pass/bandit24 > /tmp/<name>/pass" > job24.sh` `$ cp job24.sh /var/spool/bandit24/`
level24	telnet with bruteforce	`$ seq -f "UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ %04g" 0000 9999 \| nc localhost 30002`
level25		`$ ls (sshkey for l26)` `(decrease the size of terminal before login to l26)`
level26	vim	`(press v, type :set shell=/bin/bash -->, type :shell)` `$ cat /etc/bandit_pass/bandit26` `$ ./bandit27-do cat /etc/bandit_pass/bandit27`
level27	git readme	`$ cd /tmp/` `$ git clone ssh://bandit27-git@localhost/home/bandit27-git/repo` `$ cat repo/README`
level28	git difference	`$ cd /tmp/` `$ git clone ssh://bandit28-git@localhost/home/bandit28-git/repo` `$ git log -p`
level29	git branch	`$ cd /tmp/` `$ git clone ssh://bandit29-git@localhost/home/bandit29-git/repo` `$ git branch -a` `$ git checkout dev` `$ cat README`
level30	git read tag	`$ cd /tmp/` `$ git clone ssh://bandit30-git@localhost/home/bandit30-git/repo` `$ git tag` `$ git show <tag_name>`
level31	git push file	`$ cd /tmp/` `$ git clone ssh://bandit31-git@localhost/home/bandit31-git/repo` `$ echo 'May I come in?' >key.txt` `$ git add key.txt` `$ rm .gitignore` `$ git commit -m 'key31'` `$ git push`
level32		`$ $0` `$ /bin/bash` `$ cat /etc/bandit_pass/bandit33`
level33		`--FINISH`

zen29d / bandit Goto Github PK

bandit's Introduction

bandit

< >: Replace

( ) : Read only

--> : Return key

bandit's People

Contributors

Watchers

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent