Site Map - skip to main content - dyslexic font - mobile - text - print

Hacker Public Radio

Your ideas, projects, opinions - podcasted.

New episodes Monday through Friday.


hpr2138 :: Hack the Box with Bandit

NYbill talks about a Linux 'War Game' called Bandit.

<< First, < Previous, Latest >>

Host Image
Hosted by NYbill on 2016-10-12 and released under a CC-BY-SA license.
Listen in ogg, spx, or mp3 format. | Comments (1)

NYbill talks about a Linux ‘War Game’ called Bandit.

http://overthewire.org/wargames/bandit/


Comments

Subscribe to the comments RSS feed.

Comment #1 posted on 2016-10-25T06:29:02Z by Krayon

Good fun!

NYBill,

Thanks for the episode, I always love these little games. This one is indeed
focused at beginners but can still be a bit of fun.

I only just started trying it out so I'm only up to level 16. Haven't come
across any challenge yet except the constant password typing :P

I created an extremely over-engineered lil' bashrc to ease typing a bit. With
it, once you've got the password, you simply type:
sshnext

And then paste the password.

It copies itself each level to ensure only people of your level can screw with
your stuff and to give you a working directory if you need one.

One need only (as bandit0) choose a base name for the directories (CHANGE_ME
here) and create the directory /tmp/CHANGE_ME.bandit0/ and the file
/tmp/CHANGE_ME.bandit0/.bashrc, containing:

set -o vi

echo "Setting aliases"
alias rot13='tr "[a-mn-zA-MN-Z]" "[n-za-mN-ZA-M]"'

# In bash >= 3, BASH_SOURCE will tell us who we are
medir="${BASH_SOURCE%/*}"
dbase="${medir%.*}"
wd="${dbase}.${USER}"

game="${USER//[0-9]/}"
curr="${USER//[a-z]/}"

last="$((${curr} - 1))"
next="$((${curr} + 1))"

unext="${game}${next}"

dlast="${dbase}.${game}${last}"

# Create this file as the new user
[ ! -d "${wd}" ] && {
cp -a "${dlast}" "${wd}" && echo "Created ${wd}"
}

unset medir base game curr last next dlast

echo "Working Directory: \$wd == ${wd}"

function sshnext() {
global wd unext

ssh -t \
-o "UserKnownHostsFile /dev/null" \
-o "StrictHostKeyChecking no" \
${unext}@localhost \
bash --rcfile "${wd}/.bashrc" \
-i
}

Leave Comment

Powered by Comment Script