{"id":318,"date":"2015-01-08T03:21:39","date_gmt":"2015-01-08T03:21:39","guid":{"rendered":"http:\/\/104.236.24.83\/?p=318"},"modified":"2022-06-03T05:40:41","modified_gmt":"2022-06-03T05:40:41","slug":"overthewire-bandit-5","status":"publish","type":"post","link":"https:\/\/hackmethod.com\/overthewire-bandit-5\/","title":{"rendered":"OvertheWire &#8211; Bandit 5"},"content":{"rendered":"<p>[et_pb_section fb_built=&#8221;1&#8243; admin_label=&#8221;section&#8221; _builder_version=&#8221;3.22&#8243;][et_pb_row _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][et_pb_text _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;]<strong>Recap of Level 4:<\/strong> We learned about hidden files within the *nix file structure.<\/p>\n<p>&nbsp;<\/p>\n<p><a href=\"http:\/\/overthewire.org\/wargames\/bandit\/bandit5.html\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>Bandit Level 5<\/strong><\/a><\/p>\n<h4><strong>Objective: <\/strong><\/h4>\n<p>Find the password to the next level<\/p>\n<h4><strong>Intel Given:<\/strong><\/h4>\n<ul>\n<li>Password file located in the &#8216;inhere&#8217; directory<\/li>\n<li>Password file is the only human-readable file in the directory<\/li>\n<\/ul>\n<p><!--more--><\/p>\n<h4><strong>How to: <\/strong><\/h4>\n<p>This level involves searching for file characteristics. We are looking for a file that is the only human readable file in the \u2018inhere\u2019 directory. First, what is human readable? In short, human readable means a human can read it and does not require computer translation. In more complex terms human readable content will be in ASCII or something similar while non-human readable data will be in binary.<\/p>\n<p>First lets see what we\u2019re looking at. I begin with doing a <code>ls \u2013l<\/code> command in the <code>\/inhere<\/code> directory and notice a strange naming convention. Each file is named <code>-file<\/code> followed by a number. Looking at the file names and knowing that *nix will interpret anything after a dash as a SWITCH when we type our command we will need to adjust our command a bit. Typically you could just type command <code>filename<\/code> and your shell would kick out the result, because of that dash we need to tell our shell that we mean the FILE. Keep this in mind as you continue to read.<\/p>\n<p>The command <code>file<\/code> can be used to classify a file is. Again, typing <code>man file<\/code> will provide you a deeper understanding of this command. Rather than type the command and change the digit for each item we can use something called a wildcard often represented by the <code>*<\/code>, commonly referred to as \u2018splat\u2019. When used with commands your shell will match any character to any length. So by typing the command<code>file .\/-file*<\/code> your shell interprets it as <code>file .\/-file00<\/code> <code>file .\/-file01<\/code> and so forth.<\/p>\n<p>As you can see after typing the above command your shell gave you a list of results and because of our previous discussion on human readable formats we know that ASCII is human readable. We can clearly see that <code>.\/-file07<\/code> is where our password is stored.<\/p>\n<p><code>cat .\/-file07<\/code> will provide you with the password to the next level.<\/p>\n<p>&nbsp;<\/p>\n<h4><strong>Conclusion:<\/strong><\/h4>\n<p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=&#8221;1_2,1_2&#8243; _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][et_pb_column type=&#8221;1_2&#8243; _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][et_pb_image src=&#8221;https:\/\/hackmethod.com\/wp-content\/uploads\/2020\/12\/Previous.png&#8221; alt=&#8221;Previous Level&#8221; title_text=&#8221;Previous&#8221; url=&#8221;https:\/\/hackmethod.com\/overthewire-bandit-4&#8243; _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][\/et_pb_image][\/et_pb_column][et_pb_column type=&#8221;1_2&#8243; _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][et_pb_image src=&#8221;https:\/\/hackmethod.com\/wp-content\/uploads\/2020\/12\/Next.png&#8221; alt=&#8221;Next Level&#8221; title_text=&#8221;Next&#8221; url=&#8221;https:\/\/hackmethod.com\/overthewire-bandit-6&#8243; align=&#8221;right&#8221; _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][\/et_pb_image][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Recap of Level 4: We learned about hidden files within the *nix file structure. &nbsp; Bandit Level 5 Objective: Find the password to the next level Intel Given: Password file located in the &#8216;inhere&#8217; directory Password file is the only human-readable file in the directory How to: This level involves searching for file characteristics. We [&hellip;]<\/p>\n","protected":false},"author":8,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"<strong>Recap of Last\u00a0Lesson:<\/strong> We learned about hidden files within the *nix file structure\n\n<a href=\"http:\/\/overthewire.org\/wargames\/bandit\/bandit5.html\" target=\"_blank\" rel=\"noopener\"><strong>Bandit Level 5<\/strong><\/a>\n\n<strong>Objective: <\/strong>Find the password to the next level\n\n<strong>Intel Given:<\/strong>\n\n<ul>\n    <li>Password file located in the 'inhere' directory<\/li>\n    <li>Password file is the only human-readable file in the directory<\/li>\n<\/ul>\n\n<!--more-->\n\n<strong>How to: <\/strong>This level involves searching for file characteristics. We are looking for a file that is the only human readable file in the \u2018inhere\u2019 directory. First, what is human readable? In short, human readable means a human can read it and does not require computer translation. In more complex terms human readable content will be in ASCII or something similar while non-human readable data will be in binary.\n\nFirst lets see what we\u2019re looking at. I begin with doing a \u2018ls \u2013l\u2019 command in the \u2018\/inhere\u2019 directory and notice a strange naming convention. Each file is named \u2018-file\u2019 followed by a number. Looking at the file names and knowing that *nix will interpret anything after a dash as a SWITCH when we type our command we will need to adjust our command a bit. Typically you could just type command &lt;filename&gt;\u201d and your shell would kick out the result, because of that dash we need to tell our shell that we mean the FILE. Keep this in mind as you continue to read.\n\nThe command \u2018file\u2019 can be used to classify a file is. Again, typing \u2018man file\u2019 will provide you a deeper understanding of this command. Rather than type the command and change the digit for each item we can use something called a wildcard often represented by the \u2018<em>\u2019, commonly referred to as \u2018splat\u2019. When used with commands your shell will match any character to any length. So by typing the command \u2018file .\/-file<\/em>\u2019 your shell interprets it as \u2018file .\/-file00\u2019 \u2018file .\/-file01\u2019 and so forth.\n\nAs you can see after typing the above command your shell gave you a list of results and because of our previous discussion on human readable formats we know that ASCII is human readable. We can clearly see that .\/-file07 is where our password is stored.\n\n\u2018cat .\/-file07\u2019 will provide you with the password to the next level.","_et_gb_content_width":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[44,49],"tags":[51,45,50],"class_list":["post-318","post","type-post","status-publish","format-standard","hentry","category-overthewire","category-tutorials","tag-bandt","tag-overthewire","tag-tutorial"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p5zY4D-58","_links":{"self":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/318","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/comments?post=318"}],"version-history":[{"count":15,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/318\/revisions"}],"predecessor-version":[{"id":27491,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/318\/revisions\/27491"}],"wp:attachment":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/media?parent=318"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/categories?post=318"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/tags?post=318"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}