Level | Hint | Command |
---|---|---|
level0 | $ cat readme |
|
level1 | show dashed file | $ cat ./- |
level2 | spaced file name | $ cat 'spaces in this filename' |
level3 | hidden file | $ cat inhere/.hidden |
level4 | find ascii file | $ file ./* | grep ASCII $ cat inhere/-file07 |
level5 | find file with size | $ ls -l $(find ./ -type f) | grep '1033' $ cat inhere/maybehere07/.file2 |
level6 | find file with user | $ find / -print -ls | grep 'bandit7' $ cat /var/lib/dpkg/info/bandit7.password |
level7 | find word | $ cat data.txt | grep millionth |
level8 | find non-repeated | $ sort data.txt | uniq -u |
level9 | find words | $ strings data.txt | grep '=' |
level10 | decode data | $ base64 -d data.txt |
levle11 | decipher data | $ cat data.txt | tr 'a-zA-Z' 'n-za-mN-ZA-M' |
level12 | convert, extract data | $ xxd -r data.txt hello.bin $ zcat hello.bin | bzcat | zcat | tar xO | tar xO | bzcat | tar xO | zcat | file - |
level13 | save sshkey to host | $ cat sshkey.private (login level14: chmod 600 <sshkey> && ssh -i <sshkey> host@machine) |
level14 | telnet | $ cat /etc/bandit_pass/bandit14 (show l14 key) $ telnet localhost 30000 (--> paste l14 key) |
level15 | ssh with ssl | $ openssl s_client -connect localhost:30001 (--> paste l15 key) |
level16 | find port, ssh ssl | $ nmap -p31000-32000 localhost $ openssl s_client -connect localhost:<port> (--> paste l16 key) |
level17 | find difference | $ cat /etc/bandit_pass/bandit17 (show l17 key) $ diff passwords.new passwords.old |
level18 | ssh with cmd | $ ssh -p 2220 [email protected] cat readme |
level19 | exec as other user | $ ./bandit20-do cat /etc/bandit_pass/bandit20 |
level20 | two ssh | $ nc -lp 1213 (--> paste l20 key) $ ./suconnect 1213 (in other terminal) |
level21 | read script | $ cat /etc/cron.d/cronjob_bandit22 $ cat /usr/bin/cronjob_bandit22.sh (show tmp_new_dir) $ cat /tmp/<tmp_new_dir> |
level22 | read script | $ cat /etc/cron.d/cronjob_bandit23 $ (echo I am user bandit23 | md5sum | cut -d ' ' -f 1) (generate tmp_new_dir) $ cat /tmp/<tmp_new_dir> |
level23 | write script | $ mkdir /tmp/<name> $ chmod 777 /tmp/<name> $ cat -e "#!/bin/bash \ncat /etc/bandit_pass/bandit24 > /tmp/<name>/pass" > job24.sh $ cp job24.sh /var/spool/bandit24/ |
level24 | telnet with bruteforce | $ seq -f "UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ %04g" 0000 9999 | nc localhost 30002 |
level25 | $ ls (sshkey for l26) (decrease the size of terminal before login to l26) |
|
level26 | vim | (press v, type :set shell=/bin/bash -->, type :shell) $ cat /etc/bandit_pass/bandit26 $ ./bandit27-do cat /etc/bandit_pass/bandit27 |
level27 | git readme | $ cd /tmp/ $ git clone ssh://bandit27-git@localhost/home/bandit27-git/repo $ cat repo/README |
level28 | git difference | $ cd /tmp/ $ git clone ssh://bandit28-git@localhost/home/bandit28-git/repo $ git log -p |
level29 | git branch | $ cd /tmp/ $ git clone ssh://bandit29-git@localhost/home/bandit29-git/repo $ git branch -a $ git checkout dev $ cat README |
level30 | git read tag | $ cd /tmp/ $ git clone ssh://bandit30-git@localhost/home/bandit30-git/repo $ git tag $ git show <tag_name> |
level31 | git push file | $ cd /tmp/ $ git clone ssh://bandit31-git@localhost/home/bandit31-git/repo $ echo 'May I come in?' >key.txt $ git add key.txt $ rm .gitignore $ git commit -m 'key31' $ git push |
level32 | $ $0 $ /bin/bash $ cat /etc/bandit_pass/bandit33 |
|
level33 | --FINISH |
bandit's Introduction
bandit's People
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.