Bandit level 17
Level Goal
There are 2 files in the homedirectory: passwords.old and passwords.new. The password for the next level is in passwords.new and is the only line that has been changed between passwords.old and passwords.new
NOTE: if you have solved this level and see ‘Byebye!’ when trying to log into bandit18, this is related to the next level, bandit19
The first challenge to this level is actually logging in. We retrieved a ssh key from the previous level, using it might not be straight forward. I stumbled upon some problems using the key I had stored in a text file. As often before, the solution is in the error messages. After you have logged in you are presented with two files, and one of the lines have changed. And this line contains your password.
Useful commands:
- chmod
- ssh
- diff
- grep
Solution - Spoiler Alert!
My first hurdle was that my ssh key was too open, and the ssh connection ignored it. To solve this i used sudo chmod 400 sshkey.key so the only permissions on the file was reading for the owner.
After logging in we can see the two files and i used the command diff passwords.new passwords.old to see what has changed. I get two lines, one from each file, that are different from the other file.
As I always forget which of those lines is in which file i used grep PASSWORD passwords.new (note: i use PASSWORD as a placeholder as i do not want to post the password online). Luckily my assumptions was right and we have the password for the next level
Comments ()