Bandit Level 3 -> 4

Bandit Level 3 -> 4

Hide and Seek, where the hell is everybody?

Bandit Level 4:
The goal of this level is, for you to find the password in a hidden file. A little bit of hide and seek game so to speak.

Commands we may need to solve this level: ls , cd , cat , file , du , find

Solution

First, let’s ssh to the level 4 server:

Let the seeking begin!

So now we’re in the level 4 server, and apart from some details about the server and NDA details, there is just a shell prompt.

So we’re looking for a hidden file [in Linux hidden file naming starts with a dot “.file_name”], now the good thing is that we know how to list files and folders that aren’t hidden, so here it’s just a matter of emphasis on our previous command, but how and where can we know how to list hidden files, when in doubt RTFM. We got to the manual of ls:

First of let’s move into the inhere directory:

We’ve been told that we’re looking for a hidden file, a quick simple ls with no options will validate that there’s no unhidden file in the directory, so from the man page we saw earlier we use the option to list hidden file [file that starts with .

Now we can see the name of that hidden file, we can simply concatenate the content of the file and retrieve our flag.

Finally, we can retrieve our flag and move on to the next challenge.

Thank you, Enjoy.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.