Skip to main content

Bandit Level 14 → 15

Shubham
Cybersecurity Enthusiast

Bandit Level 14 → 15

Login : ssh bandit14@bandit.labs.overthewire.org -p 2220

password : MU4VWeTyJk8ROof1qqmcBPaLh7lDCPvS

Task

Send the current password to a service listening on port 30000 on localhost. The service will respond with the password for the next level.

Quick theory

The current password for your level is stored in /etc/bandit_pass/bandit14. nc (netcat) can open a TCP connection and send data: echo "<password>" | nc localhost 30000 The service expects the correct current password on stdin and prints the next-level password when correct.

Solution

Read the current password and send it to the service:

bandit14@bandit:~$ cat /etc/bandit_pass/bandit14
MU4VWeTyJk8ROof1qqmcBPaLh7lDCPvS

bandit14@bandit:~$ echo "MU4VWeTyJk8ROof1qqmcBPaLh7lDCPvS" | nc localhost 30000
Correct!
8xCjnmgoKbGLhHFAZlGE5Tmu4M2tKJQo

(If you get Wrong! Please enter the correct current password., double-check you sent the exact contents of /etc/bandit_pass/bandit14 including case and with no extra whitespace.)

<!-- truncate -->