{"id":339,"date":"2015-01-09T04:19:32","date_gmt":"2015-01-09T04:19:32","guid":{"rendered":"https:\/\/www.hackmethod.com\/?p=339"},"modified":"2022-06-03T05:40:41","modified_gmt":"2022-06-03T05:40:41","slug":"overthewire-bandit-6","status":"publish","type":"post","link":"https:\/\/hackmethod.com\/overthewire-bandit-6\/","title":{"rendered":"OvertheWire &#8211; Bandit 6"},"content":{"rendered":"<p>[et_pb_section fb_built=&#8221;1&#8243; admin_label=&#8221;section&#8221; _builder_version=&#8221;3.22&#8243;][et_pb_row _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;][et_pb_column _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221; type=&#8221;4_4&#8243;][et_pb_text _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;]<strong>Recap of Level 5:<\/strong> We learned about the file command and how to use it to find filetypes.<\/p>\n<p>&nbsp;<\/p>\n<p><a href=\"http:\/\/overthewire.org\/wargames\/bandit\/bandit6.html\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>Bandit Level 6<\/strong><\/a><\/p>\n<h4><strong>Objective: <\/strong><\/h4>\n<p>Find the password to the next level<\/p>\n<h4><strong>Intel Given:<\/strong><\/h4>\n<ul>\n<li>File is stored in the <code>inhere<\/code> directory<\/li>\n<li>File has the properties of &#8216;human-readable and is 1033 bytes in size non-executable&#8217;<\/li>\n<\/ul>\n<p><!--more--><\/p>\n<h4><strong>How to: <\/strong><\/h4>\n<p>As soon as we see a unique characteristic like a specific file size we know that is something we can use to filter out some results from searches.<\/p>\n<p>So here we start to see the power of *nix shell. \u00a0There are many ways to approach this problem and because I&#8217;m familiar with the command <code>du<\/code I instantly thought of a command string which would give me results. However you could also use the 'find' command in a similar fashion.\n\n<code>du<\/code> is used to display file space usage and alone it won&#8217;t do much, so we need to combine a few switches that I&#8217;ve selected from the man page and combine it with another command to create a sort of filter. The switch\u00a0<code>-a<\/code> will check ALL directories and files recursively (including all files below the folder that you currently reside in) and <code>-b<\/code> will display the file size in bytes. You&#8217;ll notice this give you one big list of ALL the files and their sizes. You could scroll through this list until you found the file size that you&#8217;re looking for but I&#8217;m lazy.<\/p>\n<p>Input\/Output redirection is a very powerful concept and I encourage you to look at this <a href=\"http:\/\/linuxcommand.org\/lts0060.php\" target=\"_blank\" rel=\"noopener noreferrer\">site<\/a>. For our purposes I&#8217;ll briefly explain the &#8220;pipe&#8221; operator which is the | button or Shift + . What the pipe does is take the commands output from the left, and apply it to the right. To take advantage of this I&#8217;ll combine <code>du -ab<\/code> with <code>grep 1033<\/code>. It will look like this <code>du -ab | grep 1033<\/code>. For now just accept the fact that grep searches for strings (or text) and in this case it is searching for 1033 (our file size). The result that is kicked out shows us the only file that is 1033 bytes is located at\u00a0.\/maybehere07\/.file2. Simply cat the file and you have your password.<\/p>\n<p>The other method I could have used was <code>find .\/ -size 1033c<\/code> which is a much simpler method. Why did I not use this method instead of the more complicated method above? Easy, I simply knew the <code>du<\/code> command off of the top of my head while I had to take a minute to search through the man page of find to get the syntax exactly right.<\/p>\n<h4><strong>Conclusion: <\/strong><\/h4>\n<p>Here we&#8217;ve found two other\u00a0ways to look for more file parameters, glossed over I\/O redirection and grep. grep and I\/O redirection are VERY powerful tools, getting these commands down will be vital to your ability to master *nix.[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=&#8221;1_2,1_2&#8243; _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][et_pb_column type=&#8221;1_2&#8243; _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][et_pb_image src=&#8221;https:\/\/hackmethod.com\/wp-content\/uploads\/2020\/12\/Previous.png&#8221; alt=&#8221;Previous Level&#8221; title_text=&#8221;Previous&#8221; url=&#8221;https:\/\/hackmethod.com\/overthewire-bandit-5&#8243; _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][\/et_pb_image][\/et_pb_column][et_pb_column type=&#8221;1_2&#8243; _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][et_pb_image src=&#8221;https:\/\/hackmethod.com\/wp-content\/uploads\/2020\/12\/Next.png&#8221; alt=&#8221;Next Level&#8221; title_text=&#8221;Next&#8221; url=&#8221;https:\/\/hackmethod.com\/overthewire-bandit-7&#8243; align=&#8221;right&#8221; _builder_version=&#8221;4.7.4&#8243; _module_preset=&#8221;default&#8221;][\/et_pb_image][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Recap of Level 5: We learned about the file command and how to use it to find filetypes. &nbsp; Bandit Level 6 Objective: Find the password to the next level Intel Given: File is stored in the inhere directory File has the properties of &#8216;human-readable and is 1033 bytes in size non-executable&#8217; How to: As [&hellip;]<\/p>\n","protected":false},"author":8,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"<strong><a href=\"https:\/\/www.hackmethod.com\/bandit-5\/\">Recap of Last\u00a0Lesson<\/a>:\u00a0<\/strong>Learned about the file command and how to use it to find filetypes.\n\n<a href=\"http:\/\/overthewire.org\/wargames\/bandit\/bandit6.html\" target=\"_blank\" rel=\"noopener\"><strong>Bandit Level 6<\/strong><\/a>\n\n<strong>Objective: <\/strong>Find the password to the next level\n\n<strong>Intel Given:<\/strong>\n\n<ul>\n    <li>File is stored in the 'inhere' directory<\/li>\n    <li>File has the properties of 'human-readable and is 1033 bytes in size non-executable'<\/li>\n<\/ul>\n\n<!--more-->\n\n<strong>How to: <\/strong>As soon as we see a unique characteristic like a specific file size we know that is something we can use to filter out some results from searches.\n\nSo here we start to see the power of *nix shell. \u00a0There are many ways to approach this problem and because I'm familiar with the command 'du' I instantly thought of a command string which would give me results. However you could also use the 'find' command in a similar fashion.\n\ndu is used to display file space usage and alone it won't do much, so we need to combine a few switches that I've selected from the man page and combine it with another command to create a sort of filter. The switch\u00a0'-a' will check ALL directories and files recursively (including all files below the folder that you currently reside in) and '-b' will display the file size in bytes. You'll notice this give you one big list of ALL the files and their sizes. You could scroll through this list until you found the file size that you're looking for but I'm lazy.\n\nInput\/Output redirection is a very powerful concept and I encourage you to look at this <a href=\"http:\/\/linuxcommand.org\/lts0060.php\" target=\"_blank\" rel=\"noopener\">site<\/a>. For our purposes I'll briefly explain the \"pipe\" operator which is the | button or Shift + &#46; What the pipe does is take the commands output from the left, and apply it to the right. To take advantage of this I'll combine 'du -ab' with 'grep 1033'. It will look like this 'du -ab | grep 1033'. For now just accept the fact that grep searches for strings (or text) and in this case it is searching for 1033 (our file size). The result that is kicked out shows us the only file that is 1033 bytes is located at\u00a0.\/maybehere07\/.file2. Simply cat the file and you have your password.\n\nThe other method I could have used was 'find .\/ -size 1033c' which is a much simpler method. Why did I not use this method instead of the more complicated method above? Easy, I simply knew the du command off of the top of my head while I had to take a minute to search through the man page of find to get the syntax exactly right.\n\n<strong>Conclusion: <\/strong>Here we've found two other\u00a0ways to look for more file parameters, glossed over I\/O redirection and grep. grep and I\/O redirection are VERY powerful tools, getting these commands down will be vital to your ability to master *nix.","_et_gb_content_width":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[44],"tags":[43,45,46],"class_list":["post-339","post","type-post","status-publish","format-standard","hentry","category-overthewire","tag-bandit","tag-overthewire","tag-tutorials"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p5zY4D-5t","_links":{"self":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/339","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/comments?post=339"}],"version-history":[{"count":9,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/339\/revisions"}],"predecessor-version":[{"id":27493,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/posts\/339\/revisions\/27493"}],"wp:attachment":[{"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/media?parent=339"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/categories?post=339"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hackmethod.com\/wp-json\/wp\/v2\/tags?post=339"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}