Introduction
OverTheWire is a free online platform “to learn and practice security concepts in the form of fun-filled games”. It has different, so-called “Wargames”, that deal each deal with an area of security.
The first game that is recommended is called Bandit. It is recommended first because it teaches “the basics needed to be able to play other wargames”. This includes mainly basic Linux and Git commands.
I worked through the levels and decided to write a walkthrough for my blog. There are already walkthroughs on the internet, from different persons and with different solutions. However, I still decided to publish mine, to at the very least get more comfortable with writing and maybe, since my explanations and thought processes may vary from other writers, help someone understand the solutions better. Also, this way future me has a reference to look back at.
I will try to explain the important concepts shortly, however, there is always a lot more we can learn about them. What the game and I would encourage you to do, is research on your own.
Great, now that you know what this article is about and why I am doing this, let’s start with the walkthrough of Level 0.
Task
Log into the level with SSH.
Server: bandit.labs.overthewire.org
Port: 2220
Username: bandit0
Password: bandit0
Theory
This level wants you to use SSH, which is short for Secure Shell Protocol. It is used to remotely connect to a machine. As the name suggests, this protocol aims for secure communication between the machines.
When you work with Linux, you can ssh into a machine through a terminal using the ssh command. Like with almost any Linux command, if you want to know more about it and its options, you can use the man
command (man ssh
).
With Windows, you can use software like PuTTY.
It is a very common service. So common in fact that it was assigned its own standard port, Port 22. A port is an endpoint that allows your computer to know which service should be accessed - kind of like office room numbers, so you know in which room the person you need to talk to is.
You can find a lot more information about these concepts on the internet. If you are not at all familiar with these, I would recommend you to watch an introduction to networking you can find to get a better overview of these and some more essential concepts.
Solution
To ssh into the machine, I used a Linux terminal. The basic command structure of the ssh command that we need to look at for this level is the following:
ssh <username>@<server> -p <port>
The parts with the angle quotation marks need to be replaced with the correct information. <server>
can be replaced either with a valid URL or the correct IP address. We would not need to add the -p <port>
part if we connect to the standard port 22.
The information you need is in the task description. This leads to the following command:
ssh bandit0@bandit.labs.overthewire.org -p 2220
Running the command, you should then be prompted for the password, which you can just type in (under Linux the password is not displayed when you type it).
bandit0@bandit.labs.overthewire.org's password:
If you typed in the correct password, you should now be logged into the remote machine and see a Welcome text with more information about the game.
Since the task was only to log in, this concludes level 0.
https://overthewire.org/wargames/bandit/bandit0.html
Next Level: Level 1