MayADevBe Blog

A Blog about Computer Science

OverTheWire Bandit Level 6 -> 7 - Walkthrough

Previous Level: Level 6


Login

SSH: ssh bandit6@bandit.labs.overthewire.org -p 2220

Password: DXjZPULLxYr17uwoI01bNLQbtFemEgo7

Task

Find a file somewhere on the server. Properties:

  1. owned by user bandit7
  2. owned by group bandit6
  3. 33 bytes in size

A little bit of Theory

In this level, we are introduced to the big topic of Linux file permissions, specifically to ownership. Each file is owned by a user and a group. You can see which user and group own a file with the ls command and its -l option.

Example:

bandit6@bandit:/var/lib/dpkg/info$ ls -l bandit7.password 
-rw-r----- 1 bandit7 bandit6 33 May  7  2020 bandit7.password

The third column shows the user, the fourth shows the group that owns the file.

As mentioned in a previous level, the find command can be used to find files on the server. It offers flags to look for files owned by a specific user (-user <username>) and a specific group (-group <groupname>).

Solution

We use the find command with the following options:

  • -type f, because we are looking for a file
  • -user bandit7, to find files owned by the ‘bandit7’ user
  • -group bandit6, to find files owned by the ‘bandit6’ group
  • -size 33c, to find files of size 33 bytes

We need to run the command from the root directory (/) to search the whole system. Running find / -type f -user bandit7 -group bandit6 -size 33c on its own, however, also prints a Permission denied error for every directory we do not have permission to read. Appending 2>/dev/null redirects these error messages to /dev/null, which ‘hides’ them.

This finds the file, and we can read the next password.

bandit6@bandit:~$ find / -type f -user bandit7 -group bandit6 -size 33c 2>/dev/null
/var/lib/dpkg/info/bandit7.password

bandit6@bandit:~$ cat /var/lib/dpkg/info/bandit7.password
HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs
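
To try the same search without access to the Bandit server, the following added example (not part of the original walkthrough) rebuilds the situation in a throwaway directory. The function names find_owned, make_sandbox and drop_sandbox and all file names are assumptions made for the demo, and the current user and primary group stand in for bandit7 and bandit6.

```shell
#!/bin/sh
# Added example. Every path and file name here is constructed for the demo.

# find_owned DIR USER GROUP SIZE
# Lists regular files under DIR owned by USER and GROUP whose size matches SIZE.
# SIZE is passed to -size unchanged: "33c" means 33 bytes, while a bare "33"
# is counted in 512-byte blocks and so does not match a 33-byte file.
# 2>/dev/null discards find's error messages only; find can still exit with a
# non-zero status when it could not read a directory.
find_owned() {
    find "$1" -type f -user "$2" -group "$3" -size "$4" 2>/dev/null
}

# make_sandbox: builds a small constructed tree and prints its path.
make_sandbox() {
    d=$(mktemp -d) || return 1
    mkdir "$d/data" "$d/locked"
    printf '%032d\n' 0 > "$d/data/target"   # 32 digits + newline = 33 bytes
    printf '%031d\n' 0 > "$d/data/short"    # 32 bytes
    printf '%033d\n' 0 > "$d/data/long"     # 34 bytes
    chgrp -R "$(id -g)" "$d"                # pin the group to our primary group
    chmod 000 "$d/locked"                   # unreadable for non-root users
    printf '%s\n' "$d"
}

# drop_sandbox DIR: restores access to the locked directory, deletes the tree.
drop_sandbox() {
    chmod 700 "$1/locked" && rm -rf "$1"
}

sandbox=$(make_sandbox)
me=$(id -u)     # numeric IDs are accepted by -user and -group
grp=$(id -g)
echo "size 33c (bytes):"
find_owned "$sandbox" "$me" "$grp" 33c || true   # prints only .../data/target
echo "size 33 (blocks):"
find_owned "$sandbox" "$me" "$grp" 33 || true    # prints nothing
drop_sandbox "$sandbox"
```

The || true after each call keeps the script going when find reports a non-zero status because of the unreadable directory.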

https://overthewire.org/wargames/bandit/bandit7.html


Next Level: Level 8

