Spoiler-Free OverTheWire Bandit Guide :: Levels 0 - 9


This is part one of our OverTheWire Bandit spoiler-free series, covering the first ten levels. If you’re interested in cybersecurity but not sure how to start with Bandit, this is written especially for you, and it’s what I wish I had back when I first started out.

When I was working through these levels, I was frequently frustrated. Sometimes the level solution felt contrived and dependent on obscure options of commands that you’d never use again. Sometimes I wish the listed commands had accompanying usage, to make for a nicer learning experience. I hope, by writing this little companion guide, I can help those who feel the same.

In this guide, I assume you’re familiar with the basics of using the terminal (navigating with cd, reading files with cat, etc.). If you’re not, I recommend reading through this guide by DigitalOcean to get started.

Is Bandit suitable for me?

Bandit contains 33 levels on the following topics:

  • filesystems, such as finding files and dealing with hexdumps
  • shell basics
  • simple scripting
  • networking (ssh, telnet, etc.)
  • common command line utility programs (strings, git, etc.)

If you could use a refresher on the above subjects, definitely attempt Bandit.

Otherwise, if you have lived in the terminal for years and are interested in OverTheWire wargames, I’d suggest you skip Bandit and instead pick:

  • Natas, if you’re after web security challenges
  • Leviathan, for a challenge more along the lines of Bandit, with general command line work and some reverse engineering

SSH Tips

In the course of Bandit, you’ll be logging into their SSH server over thirty times. Instead of typing this every time (like I did years ago…):

ssh bandit0@bandit.labs.overthewire.org -p 2220

With some extra config, you can shorten the comand to:

ssh bandit0@bandit

And here’s the config for it:

Host bandit
	HostName bandit.labs.overthewire.org
	Port 2220

It’s usually stored in ~/.ssh/config.

Level 0

Goal: log into level0 on bandit.labs.overthewire.org.

Hint: how to use SSH

ssh <username>@<ip address or hostname>

And if the SSH service isn’t listening on the conventional port 22, then you’d need to append -p <port>.

Level 0 → Level 1

Goal: read the readme file in the home directory.

Level 1 → Level 2

Goal: read the - file in the home directory.

Hint: how to refer to files with special characters in the name

In bash, - represents the standard input. So if you execute cat -, cat will obediently listen for your input. What you need is to specify the full path of the file. Just putting the file name in quotes is not enough.

If you’re curious about standard input (and output & error), see this article.

Level 2 → Level 3

Goal: read the file named “spaces in this filename”.

Hint: how to refer to files with spaces in the name

One easy way is to hit the tab key and have your autocompletion insert backslashes right before the spaces. Another way is to use double quotes around the whole filename.

Level 3 → Level 4

Goal: read the hidden file in the directory inhere.

Hint: how to show hidden files

“Hidden” files are files with a name that starts with a dot .. If you’re on macOs, you might have seen the .DS_Store. They don’t show up when you do a normal ls command, but they do when you add the -a option.

Level 4 → Level 5

Goal: read the only human-readable file in the directory inhere.

Hint: the file command

The file command tells you the type of file you’re specifying, which is very useful when you’re dealing with unfamiliar files from unknown sources. Try file <some jpg> and file <some js file> to see what the outputs look like.

For example, when examining a text file with file notes.txt, the output is ./notes.txt: ASCII text.

Hint (what am I looking for?)

You’re looking for the file that is actually ASCII text and not data.

Hint (is there a way to do it in one line?) (spoiler)

file ./*.

For reference, the . refers to the current directory, and the * (the wildcard) matches any character. For example, rm * removes all files in the current directory (except hidden files, i.e. files that start with .).

Level 5 → Level 6

Goal: find a file within numerous directories that is:

  • human-readable
  • 1033 bytes in size
  • not executable

Definitely look up all the options available for ls and du with man ls and man du. Given that we’re provided with a very specific size (1033), it’d be easy to first list every file size then search directly for that number with grep!

Hint (du shows me wrong sizes)

Try using -b with it. It shows the sizes in bytes instead.

Hint (du doesn’t show me hidden files)

The -a option shows all files instead of just directories.

Level 6 → Level 7

Goal: find the file somewhere on the server that is:

  • owned by user bandit7
  • owned by group bandit6
  • 33 bytes in size

Whenever you need to find files that fulfill certain requirements such as ownership and permissions, find is a robust choice. I recommend you look up find with man find and learn about all its options.

Hint (how to find by group)

find -group <group>

Hint (how to find by user)

find -user <user>

Hint (where do I look for the file?)

You can start with /.

Level 7 → Level 8

Goal: find the line containing the word “millionth” (without the quotes of course) in the data.txt file.

If you’re not familiar with grep yet, this is the level for you to learn about it! Use grep whenever you need to find some text within some files.

For example, suppose you’ve just finished writing a feature in your web app and want to make sure that you didn’t leave any of the console.log lines in. You can simply run cat * | grep console. It prints out all the files in the current directory and shows you all the lines that contain “console”.

Level 8 → Level 9

Goal: find the only unique line in the data.txt file.

If you’re not familiar with piping and redirecting, definitely read the linked article in the official level page. This concept is crucial for any kind of command line work. And for this level, I’d recommend you read up on sort and uniq on the man page!

Hint (how does sort work?)

sort takes in a file either through the argument or the standard input and rearranges all lines in the file in order. For example, in this file called file.txt we have


When we execute sort file.txt, it outputs


Hint (how does uniq work?)

uniq takes in a file and outputs unique lines, omiting duplicates. For example, in this file called birds we have

humming bird 
humming bird 
humming bird

When we execute uniq birds, it outputs

humming bird

You will find the -c option very useful, as it reports the number of times a line has occurred. uniq -c birds outputs

2 myna
3 humming bird
1 dodo

With this knowledge, you’re ready to solve this level!

Level 9 → Level 10

Goal: find the password in one of the only human-readable lines in the data.txt file, preceded by several = characters.

When we examine the file with head data.txt, we can see that most of the file is binary data and not human-readable. Whenever you need to find human-readable strings in binary data, strings is your best friend. It’s very useful in reverse engineering, CTF games, and exploit development.

Hint (strings outputs too many lines!)

Try the -n option, which only outputs strings of a minimum length that you specifiy. You can also try combining strings with grep, since we know that the password is preceded by many = characters.


We’ll be covering levels 10 to 19 in the next article. Hope you’ve enjoyed Bandit so far!

If you like my approach to CTF guides, maybe you’d like my fun & interactive cybersec courses too :)