OverTheWire: Bandit
File: bandit.txt
Goals
- Meet one of the pen-testing practice services, and work through a few of their exercises
- Practice Unix command-line techniques
- Practice keeping a log of your investigations
Rubric
OverTheWire
OverTheWire is one of many sites that offers exercises to help you practice computer security skills. The exercises have various names—Hack The Box calls them "boxes" (where "box" here is being used as an informal term for a single computer), TryHackMe calls them "rooms", some sites call them "CTFs" (for "capture the flag"), and for some reason, OverTheWire calls them "wargames". Offensive Security focuses a lot of attention on small networks of computers, so they just call the exercises "VMs" ("virtual machines") or "VM Groups". Regardless of the name, all these exercises present puzzles to help you acquire and practice pen-testing skills.
Through my experiments on various sites, I have noticed two broad categories of exercises. First, there are puzzles whose purpose is to show you a computer or network with realistic vulnerabilities—the kind of vulnerabilities that a too-busy or inadequately informed system administrator or software developer might leave open on a real computer. We will look at some of these during the second half of the term.
The second kind of puzzle only cares about teaching you a particular tool or technique, without concern for giving you a realistic context. For this assignment, you'll be doing this second kind of puzzle.
Bandit
The Bandit wargame at OverTheWire is designed to introduce you to a variety of Linux commands, file system concepts, and services that will come in handy in your security work. Some of the concepts are likely to be at least vaguely familiar to you (e.g. the rwx permissions you see when you do ls -l), whereas many are likely to be new.
For each level of bandit, your goal is to obtain the 32-character SSH password that will let you log in to the next level. The instructions for each level are typically brief and mostly clear.
Here are a few of the main ideas explored in the first 12 bandit exercises.
- listing files and directories, including "hidden" ones (i.e., those whose names start with a period, like .gitignore or ..)
- viewing the contents of files with cat, hexdump, or xxd, or with editors like nano or vim, etc.
- filtering and transforming file contents with grep, sort, uniq, tr, hexdump, xxd, etc.
- public and private encryption keys (especially as used in logging into computers via SSH)
Later levels look at TCP ports, compression utilities, cron jobs, bash scripts, git vulnerabilities, and more.
Your assignment
- Start by reading the bandit introduction.
- Get yourself a terminal that allows you to run ssh. On macOS, ssh is available by default via Terminal.app. On Windows, ssh.exe is usually installed and available from cmd or PowerShell terminals. If you have the Windows Subsystem for Linux installed, ssh is definitely available there, too. You can also do these exercises in a terminal inside your Kali installation. Log in to the bandit server as user bandit0 like so:
    ssh -p 2220 bandit0@bandit.labs.overthewire.org
- Work through the first 12 levels of bandit, up through and including the one labeled Level 11 → Level 12.
- Keep notes about your work, including a clear heading for each level, in a file named bandit.txt (or bandit.md, etc.) in your git repo. Your notes should: (1) enable another person to replicate your solution just by retyping your commands, and (2) briefly summarize the important lessons of the exercise. Feel free to use any common file format for your notes. I prefer a format that's editable in any text editor: straight text (*.txt) or markdown (*.md) are my favorites (and markdown supports images, if you want to include screenshots).
- If you get stuck on a level, don't hesitate to post in our Slack #general channel. I'm happy to offer hints.
Important: clean up after yourself
The bandit server is just one virtual machine hosted by OverTheWire, so you'll all be sharing it with each other and anybody else out in the world who's working on it at the same time.
Occasionally, you may need to save some code or data in a file while doing your work. You will never have write access to anything other than subdirectories of /tmp that you create. Furthermore, if you create a directory named /tmp/thisisme10 while logged in as bandit10, you won't be able to modify or delete /tmp/thisisme10 when you log in as bandit11 or any other banditX, because bandit10 owns it. So to clean up after yourself, you need to delete your directory while logged in as the same banditX that created the directory in the first place.
For example, suppose you're working on Level 10→Level 11 and you want to save some data in a file. Then you could do this:
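As an added example (not part of the original assignment page), here is the whole scratch-directory lifecycle for one level as shell functions: create a private directory under /tmp, save and use some data, then remove the directory before logging out. The thisisme10 prefix is the page's own naming convention for a Level 10→Level 11 working directory; the file name notes.txt and its contents are made up here so there is something to save.

```shell
# Added example, not from the original assignment page.
# Scratch-directory workflow for one bandit level: create, use, clean up.

# Create a private scratch directory under /tmp.
# mktemp -d adds a random suffix (so the name can't collide with another
# player's directory) and creates it with mode 0700, so the other bandit
# users sharing the machine can't read what you leave there, such as a
# password you saved for the next level. "thisisme10" is the page's own
# naming convention for a Level 10 -> Level 11 working directory.
make_scratch() {
  mktemp -d /tmp/thisisme10.XXXXXX
}

# True if the directory is accessible only by its owner (drwx------).
scratch_is_private() {
  [ "$(ls -ld "$1" | cut -c1-10)" = "drwx------" ]
}

# Remove a scratch directory. Refuse anything outside /tmp (and any path
# containing "..") so a mistyped or empty variable can't turn this into an
# "rm -rf" of something else. Run it while still logged in as the banditX
# that created the directory: once you log in as the next level you no
# longer own it and can't delete it.
cleanup_scratch() {
  case "$1" in
    *..*)     echo "refusing to remove '$1': path contains .." >&2; return 1 ;;
    /tmp/?*)  rm -rf -- "$1" ;;
    *)        echo "refusing to remove '$1': not under /tmp" >&2; return 1 ;;
  esac
}

# Full lifecycle: create, save some (made-up) data, read it back, clean up.
# Prints the saved line so you can see it went through the file.
demo() {
  scratch=$(make_scratch)
  printf '%s\n' "data I want to keep for a moment" > "$scratch/notes.txt"
  cat "$scratch/notes.txt"
  cleanup_scratch "$scratch"
}

demo
```

The point of mktemp -d over a plain mkdir /tmp/thisisme10 is that the directory is private from the moment it exists; with a plain mkdir and the usual umask, anyone else logged in to the shared machine could read the files you leave there.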
Advice
- Stay cool. Getting stuck is a natural part of studying this material. Keep trying things, walk away for a while, talk to classmates, sleep, eat, etc.
- Keep detailed notes. You'll want them later, and the act of writing helps you learn and remember.
- Need a hint? Ask a friend, ask me, post on Slack #general, etc.
- Consult the manual pages (e.g. man ls or man cat) for the commands in the "commands you may need" section of each level.
- Most Linux commands (including the ones in "commands you may need") also provide a usage guide if you use the --help flag (e.g. ls --help or find --help). Sometimes this is easier to read than the man page, but not always, and it usually contains less info than the man page.
Online walkthroughs?
Even though OTW explicitly asks people not to post walkthroughs of their exercises online, there are a bunch of them, some of them even well written.
For this assignment, I'm not going to ban the use of online walkthroughs of bandit. That said, I am going to assume for the remainder of the term that you have learned to use the command-line techniques required to get through the bandit levels. You are much better off struggling through to a solution of each level on your own or with a classmate than you are just replicating a walkthrough.
Plus, solving these puzzles is fun! The first time I did bandit, I learned a lot.