Level Goal
The password for the next level is stored in /etc/bandit_pass/bandit14 and can only be read by user bandit14. For this level, you don’t get the next password, but you get a private SSH key that can be used to log into the next level. Note: localhost is a hostname that refers to the machine you are working on.
Solution
Password: 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL
1 |
$ ssh [email protected] -p 2220 |
Now we’re told we have a private key that we need to log in to the next level. We could just cat it then copy and paste it into a file, but let’s be a little more creative. First, let’s see what we have.
1 2 3 4 5 6 7 8 9 10 |
[email protected]:~$ ls sshkey.private [email protected]:~$ cat sshkey.private -----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEAxkkOE83W2cOT7IWhFc9aPaaQmQDdgzuXCv+ppZHa++buSkN+ gg0tcr7Fw8NLGa5+Uzec2rEg0WmeevB13AIoYp0MZyETq46t+jk9puNwZwIt9XgB ZufGtZEwWbFWw/vVLNwOXBe4UWStGRWzgPpEeSv5Tb1VjLZIBdGphTIK22Amz6Zb ThMsiMnyJafEwJ/T8PQO3myS91vUHEuoOMAzoUID4kN0MEZ3+XahyK0HJVq68KsV ObefXG1vvA3GAJ29kxJaqvRfgYnqZryWN7w3CHjNU4c/2Jkp+n8L0SnxaNA+WYA7 ... |
Let’s exit out of our SSH session and securely copy the file to our computer.
1 2 3 4 5 6 7 |
[email protected]:~$ exit logout Connection to bandit.labs.overthewire.org closed. $ scp -P 2220 [email protected]:sshkey.private sshkey.private This is a OverTheWire game server. More information on http://www.overthewire.org/wargames [email protected]'s password: sshkey.private 100% 1679 2.7KB/s 00:00 |
We’ve now got the SSH private key for next level.
Bazinga.