OverTheWire Bandit Guide

Previous Level Guide: Bandit Level 17 → 18

Access

SSH: ssh bandit18@bandit.labs.overthewire.org -p 2220

Password: Qj1lAo6a6zjWQ4JtBWYetDly9Ez9QYNZ

Info

Description: The password for the next level is stored in a file readme in the homedirectory. Unfortunately, someone has modified .bashrc to log you out when you log in with SSH.
Commands: ssh, ls, cat

Theory

To get the password, the instructions say that the password is in plain sight in a file called readme, but the level was modified to log you out the moment you entered the level. This introduces us to a funny thing about ssh, where you can execute commands in the server you're connecting to, without needing to enter it's interface, so basically bypass the automatic log out by just not entering in the first place. The command is just the ssh log in with the command to execute at the end, which looks just like this:

ssh bandit18@bandit.labs.overthewire.org -p 2220 command

* Replace "command" with what command you're executing

Solution

For example if we just try to enter the level, the level will log us out automatically with the message "Byebye!", kinda like this:

C:\Users\shukularuni>ssh bandit18@bandit.labs.overthewire.org -p 2220
Byebye!

So, to get around this, as said in theory, we'll just put the commands straight from the ssh, it means we have to put both the ssh command and the password a couple of times, but I guess it's worth the effort. So first let's just see the files:

C:\Users\shukularuni>ssh bandit18@bandit.labs.overthewire.org -p 2220 ls
readme

Alright, now let's use cat to view the readme file and get the password:

C:\Users\shukularuni>ssh bandit18@bandit.labs.overthewire.org -p 2220 cat readme
yZ5eLbTjquqLS8eGPAMLWdb8ProbCygv

And that's it, it worked! Now we should be good to go to the next level.