Some Bandit Solving

bandit 5 -> 6

not executable, size 1033 bytes

find \! -executable -size 1033c

bandit 6 -> 7

owned by user bandit7
owned by group bandit6
33 bytes in size

find / -user bandit7 -group bandit6 -s 33c

bandit 8 -> 9

sort data.txt | uniq -c | grep "1 "

bandit 9 -> 10

# kyke masih ada yg lebih bagus
grep -aP "====" data.txt
string data.txt | grep "===="

bandit 12 -> 13

!!! cuman hint

xxd file.txt > file.hex
xxd -reverse file.hex > file2.txt
gunzip
bunzip2
tar xvf

bandit 13 -> 14

masuk ssh bandit13

ssh -i sshkey.private bandit14@localhost

bandit 14 -> 15

masuk ssh bandir13 -> 14

cat /etc/bandit_pass/bandit14 | nc localhost 30000

bandit 15 -> 16

cat /etc/bandit_pass/bandit15 | openssl s_client -connect localhost:30001 -ign_eof

bandit 16 -> 17

nmap -p 31000-32000 localhost

cobak port satu-satu

cat /etc/bandit_pass/bandit16 | openssl s_client -connect localhost:<port> -ign_eof

dapat code RSA, copas di /tmp/tes/nama

ssh -i kode_rsanya bandit17@localhost

bandit 17 -> 18

diff password.old password.new

bandit 18 -> 19

ssh juga bisa mengirim command tanpa harus masuk remote

sshpass -p `cat bandit18` ssh bandit18@bandit.labs.overthewire.org -p 2220 "cat readme"

bandit 20 -> 21

masuk ke server dengan 2 terminal

terminal 1 :

cat /etc/bandit_pass/bandit20
nc -lvp 12345

terminal 2 :

./suconnect 12345

terminal 1 :

GbKksEFF4yrVs6il55v6gwY5aVje5f0j

bandit 21 -> 22

cat /etc/cron.d/cronjob_bandit22
cat /usr/bin/cronjob_bandit22.sh
cat /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv

bandit 22 -> 23

cat /etc/cron.d/cronjob_bandit22
cat /usr/bin/cronjob_bandit23.sh
echo I am user bandit23 | md5sum | cut -d ' ' -f 1
cat /tmp/8ca319486bfbbc3663ea0fbe81326349